auth Linux through public keys
Hello
I'm trying to collect data from linux with only key hosts public auth allowed. I can't not try ssh connection successfully and learn to quickly identify. However, the inventory data collection or obtained performance has failed. Ssh auth on the remote control shows that this public key is not tried but a password. If I clear it explicitly auth password on the remote it had just fail without error left auth methods. It seems that the auth keys is not even tried. In the process running, I see different behavior when the connection test and published data collection. Looks like that the PuTTY is started during the test and plink when a real task as the inventory. So the question is - is there a way to force them to use the authentication of public key instead of passwords.
Thank you.
It seems that sorting.
VMware KB: Unix or Linux data collection fails with unknown error key
should be done under the account of the collector service is started as. Unfortunately, the article is not mentioned. Also encountered problems with the data manager then connected under Member's account but no sense in my case of departure.
Tags: VMware
Similar Questions
-
Rsync for lenovo ix2 with ssh public key
Dear Lenovo,
Bought your ix2.
And I would like to use as a backup device on another place.
So I have a linux sever rsyncing to the ix2.
Cron in order to synchronize the files I need, I want to add the public key in the authorized keys file.
However, this doesn't seem to be possible.
When you enable the rsync rsync user Protocol, but he has a home directory: / pools/A/A0
to which he has no right to write a file of authorized keys.
This is NOT very practical.
Try to synchronize the other way around, through a copy on the ix2 job, is also not an option, because it will then try to copy the entire tree, without being able to clarify what I need to copy
It would be possible to
(1) add a home directory for the user rsync in which to store the file authorized_keys
(2) add the Taks copy module options, to specify what to copy? for example *.db / only the content of the directory, no subdirectories?
(3) give me another solution to this challenge?
Stephan
Do you have a restart of the ix2.
This reveals another challenge: at each reboot the rsync home dir is deleted
However, as a result of new steps 1-4
then enter the key:
SSH-copy-id - i /root/.ssh/id_rsa.pub rsync@nasip
Now it works!
-
Certificate of loading error: could not create the EC public key
Hello
I'm trying to set up a development environment for Android applications.
When you run the wizard of BlackBerry deployment configuration, I have this error in the record of signature:
"Certificate of loading error: java.io.IOException: subject to key, not able to create the EC public key.
I'm under Eclipse 3.8 on Linux Ubuntu 64-bit.
Any help is welcome.
Thank you!
Patrick
Thanks to some more troubleshooting, Patrick and I have reduced the question up to 1.7 Java incompatibility.
To all readers, our nos exigences requirements of system for BlackBerry plugin reconditioning says a requirement of Java 1.6.
https://developer.BlackBerry.com/Android/documentation/sys_requirements_1848536_11.html
I hope this can help some other developers with a similar problem.
Justin
-
Problem of deploying an application that uses a public key
All,
I have an application that I connect to deploy using the keys provided by RIM. To access this application, the user must connect by entering a user name and password. So far, and for security reasons, we have not stored the password in the persistent storage.
New feature requires that the password is stored in the persistent store - I followed this article I found who speaks to protect certain objects of persistent storage:
I ended up creating a new public key (I called him IMB) so now I have to ask signatures through the signing tool in Eclipse and then use the file signer utility to sign the rest of the objects with our own key (IMB). Things seem to work ok on the Simulator, so I am now ready to deploy a version on a web server so that users can download OTA. The problem is that after I used the file signer utility, I can't seem to be able to extract the files from brother COD, I used to be able to open the cod built with Winzip but not more, I get an error message. If I don't use singer file, I can extract without a problem but then the app does not work properly.
I can't seem to find any information on this point - any input would be appreciated.
Thank you!
Use the RemoteClientAdmin tool on your server of signing authority to send you a CSI file, that you can install in Eclipse.
-
[SOLVED] How to create public keys to ssh to ESXi to another host?
I have read a number of different sites trying to find information on how to do it properly, but I had no luck. I'm afraid at this point I'm all mixed up or miss me something simple [painfully].
My goal is to create keys so that I can ssh/scp, as root, the ESXi server to another server in linux/unix under a different name. Most, if not all of the sites I found coverage today the reverse: ssh/scp from another machine to the ESXi server. I assume that ssh ESXi-> another host via keys is possible...?
I believe that I'm almost there, but in all honesty, I don't know. Here's what I've done so far.
- RSA and DSA keys with dropbear created on the ESXi Server
- convert keys RSA and DSA dropbear ssh format
- Cat's public RSA and DSA keys in the ~/.ssh/authorized_keys on the server that I would like to ssh/scp
- even tried to make a copy of authorized_keys as authorized_keys2 on the destination server
- same CAT had the public keys of the ESXi authorized_keys & authorized_keys2
- went up to copy the private key (!) from the ESXi server on the server I ssh/scp area in
In regards to the box, I'm remote in I
- keys generated with ssh-keygen - t dsa and rsa
- typed in a sentence
- CAT had the public key in .ssh/authorized_keys on ESXi box
- as above in desperation I added it in the file authorized_keys local
- copied authorized_keys to authorized_keys2
- copied private keys (!) of the destination inbox ESXi machine
I tried ssh username FQDN, ssh username@FQDN-l and with the IP address itself, whenever I was asked for a password. Naturally if I just ssh hostname it trying to connect as root, which is not allowed and will fail. Again, I apologize because I'm probably all mixed now. might be wise to simply erase all keys & start over.
Is this possible?
Is anyone interested in lending a hand?
Resources
http://communities.VMware.com/docs/doc-8890
http://pkeck.myWeb.uga.edu/SSH/
http://computerpr0n.com/2011/04/ESXi-remote-management-part-2/
I blogged about this recently:
-
When you try to join my key, the option "Attach my public key" is deleted so I can't use it.
This is a reference to the "Digital Signature and encryption of Messages. When you try to send my key by e-mail, the option "Attach my public key" is deleted so I can't use it. I have a work around, but it's a little embarrassing.
Any ideas?
Thank you very much
Kevin
When your issue has been resolved can mark this thread as "solved" Please?
Thank you. -
Hu_RSAKeySet RSA public key encryption
I have a public key and I'm trying to encrypt data with it. This is my code:
sb_GlobalCtx globalContext; hu_GlobalCtxCreateDefault(&globalContext); hu_RegisterSbg56RSA(globalContext); hu_RegisterSbg56(globalContext); hu_RegisterSystemSeed(globalContext); hu_InitSbg56(globalContext); sb_Context context = NULL; unsigned char modChar[2048] = { 0xCA, 0x26, 0xFF, 0x56, 0xBF, 0xBF, 0x49, 0x5B, 0x94, 0xED, 0x94, 0x6E, 0xBB, 0x7A, 0xD0, 0x9D, 0xA0, 0x72, 0xE5, 0xD2, 0x96, 0x31, 0x85, 0x41, 0x78, 0x1C, 0xC9, 0x95, 0xAF, 0x79, 0x62, 0xC4, 0xC2, 0x8E, 0xA9, 0xAF, 0x08, 0x22, 0xDE, 0x22, 0x48, 0x65, 0xDA, 0x1D, 0xCA, 0x12, 0x99, 0x42, 0xB3, 0x56, 0xA7, 0x99, 0xCA, 0x27, 0x7B, 0x2B, 0x45, 0x77, 0x14, 0x5B, 0xE1, 0x75, 0x04, 0x3D, 0xDB, 0x68, 0x45, 0x46, 0x72, 0x61, 0x20, 0xA9, 0xA2, 0xD9, 0x50, 0xD0, 0x63, 0x9B, 0x4E, 0x7B, 0xA4, 0xA4, 0x48, 0xD7, 0xA9, 0x01, 0xD1, 0x8A, 0x69, 0x78, 0x6C, 0x79, 0xA8, 0x84, 0x39, 0x42, 0x32, 0xB3, 0xB1, 0x1F, 0x04, 0x4D, 0x06, 0xCA, 0x2C, 0xD5, 0xA0, 0x45, 0x8D, 0x10, 0x44, 0xD5, 0x73, 0xDF, 0x89, 0x0C, 0x25, 0x1D, 0xCF, 0xFC, 0xB8, 0x07, 0x6B, 0x1F, 0xFA, 0xAE, 0x67, 0xF9 }; uchar mySeed[4]; size_t seedLen = 4; success = hu_SeedGet(&seedLen, mySeed, globalContext); sb_RNGCtx rngCtx = NULL; success = hu_RngCreate(seedLen, mySeed, NULL, NULL, NULL, &rngCtx, globalContext); sb_Params rsaParams = 0; success = hu_RSAParamsCreate(size_t(2048), rngCtx, NULL, &(rsaParams), globalContext); success = hu_RSAKeySet(rsaParams, 0, NULL, (size_t)2048, modChar, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, NULL, &pubKey, globalContext);Achieve anything except because when I get to hu_RSAKeySet, it returns SB_ERR_BAD_RSA_N. I think that my sizes are mixed, but making (size_t) 128 and the size of modChar to 128 do not work either.
I used this as a guide, but it generates the private and public, I just need the public if I can do hu_RSAPublicEncrypt: https://github.com/blackberry/Cascades-Community-Samples/blob/4749d8105d1136b960784ae451cd78fca5377b...
Is anyone able to tell me why my module is bad?
Understand my question, the RSAParamsCreate wants to have the size of the key in BITS that I had trouble backtracking 1024, 2048, so my modChar necessary to the size in BYTES to create a modChar [128] and the params size 1024, and then in the set of keys, I have the size be 128.
-
Server has a small ephemeral Diffie-Hellman public key ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY
Hello
I first Cisco and I get the following error when I go to open a session. I used IE, Chrome, Firefox, but have the same condition. To get the solution.
Server has a low public key ephemeral Diffie-Hellman
ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEYCreate a new shortcut and click on the link provided to run the program. Make sure that Chrome is in the right place of the folder.
-
Public keys on the Modules of Code
Greetings,
I would like to know how to extract the public key modules are already installed on the BlackBerry.
I know there is the CodeSignigKey.getPublicKey () method, which is what I guess you would be able to extract the public key. I do the following:
... int handle = CodeModuleManager.getModuleHandle("Argle"); byte[] pubKey = CodeSigningKey.get(handle,CodeSigningKey.RRT_SIGNER_ID).getPublicKey(); ...My assumptions are that each single program (considering third-party applications) should have a signature RRT. It's what you do when you sign your apps (three signatures RRT, RBB, CPR).
What I don't understand is this:
Is CodeSigningKey.RRT_SIGNER_ID id signatory for the pair of keys to the RIM and so that's the reason why I always get a key public zero for third-party applications?
Are the public key embedded in the modules or can they be extracted of the modules?
Thank you
Sheran
Okay, I was incorrectly assuming that the CodeSigningKey would allow me to extract the public key from the developer who signed the module. Thank you for that clarification.
-
How to create the public key to VM
I'm new to the cloud and have seen VM public key option, can someone tell me how to create this key to go forward.
Kind regards
-
How to export the public key / certificate of OUD?
Hi all
Maybe it's to export the public key of a unified directory of Oracle?
I.e. I have Setup SSL on port 636.
I had created a new certificate self-signed and added to the LDAP server following the guide of SSL to get up and running fast - Oracle Fusion Middleware Oracle Administration Guide unified directory.
But the certificate for the LDAP server sends when the connection to this is some other certificate and not my certificate.
CN = computer name, O = Oracle unified the self-signed certificate directory
Instead of
CN = Company.com, o = company, c is AU
that I had created. Because when I created this certificate I exported public key in a text file as per step 4.
Any guidance would be great.
Hello
You want to assign a new SSL certificate to the OUD instance or you just want to export the existing one so that you can import it into a truststore customer?
To export the cert public key OUD, follow these steps:
JAVA_HOME/bin/keytool - export - keystore
/OUD/config/keystore-alias server-cert-file mycert.cer You will be asked the password store which is located in OUD_INSTANCE_DIR>/OUD/config/keystore.pin
-Sylvain
------
When closing a thread as answered don't forget to mark the messages correct and useful to make it easier for others to find their
-
Server has a weak and ephemeral Diffie-Hellman public key
Seems 45 Chrome and Firefox 40 block ciphers DHE
Today, we get the following errors when you browse the vRO Web Interface (and the Configuration interface)
Tested with the device of the two vRO 6.0.1 and 6.0.2 versions
Everyone knows this? And is there no work around better than using the '-cipher-suite-blacklist = "parameter in Chrome?
I have raised a support ticket with VMware, but thought it would be an idea to post here as well.
Chrome:
Server has a weak and ephemeral Diffie-Hellman public key
ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY
Hide details
This error can occur when you connect to a secure (HTTPS) server. This means that the server tries to establish a secure connection, but because of a disastrous misconfiguration, the connection would be not sure at all!
In this case, the server must be fixed. Google Chrome will not use unsecured connections to protect your privacy.
Learn more about this problem.
Firefox:
The secure connection failed
An error occurred during a connection to vro-device - hostname:8283. SSL has received a low ephemeral Diffie-Hellman key in the handshake message exchange the server key. (Error code: ssl_error_weak_server_ephemeral_dh_key)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Contact the web site owners to inform them of this problem.
You can try to change the two server.xml file in: / etc/vco/app-server and/etc/vco/configuration in the update of the file server.xml "ciphers" attribute by removing TLS_DHE_... ciphers. Then, restart the vco-server, vco-configuration services server vco and vco-configuration services
-
Oracle FTP adapter - possibility of using the public key and the password
Hi all
One needs to connect to a target SFTP server using the public key and password using the Oracle's FTP adapter. Is it possible and feasible?
I think it's usually one of them that would be used (the password or public key).
Could someone help me with this please?
Thank you
Kind regards
Nanan
Hi all
We checked it with Oracle and it happens that this feature is not available in the product. It is probably considered to be an improvement.
Hope that this update would be useful at all.
Thank you
Kind regards
Nanan
-
public key error trying to import customization specifications
Hello, I am trying to export sheet customization of my vCenter 4.0 installation and import them into my vCenter 4.1. When I try to import it to vCenter 4.1, I get this error "Cannot decrypt the password":
«The public key in the specification, does not match the public key of vCenter.» Click OK to open the Customization Wizard of specification, retype the password and continue with the import. »
I can enter the password again and continue the import with no problems, but I don't own any customization specifications and don't know any of the passwords.
Us would appreciate it if anyone can help please correct me any problem I have with this key public vCenter?
Thanks in advance!
Shayne
sh4yne wrote:
I can enter the password again and continue the import with no problems, but I don't own any customization specifications and don't know any of the passwords.
find someone who does, or create new customization techniques. Because the passwords are encrypted in the customization specification, when you export an environment and in another, you must update the administrator password.
-
Unsupported key type: DSA Sun public key
Hi all
Does anyone know how to use the algorithm of SHA1withDSA with WSS4J/axis?
When you use a private key generated by the keytool with type DSA utility, I get errors:
org.apache.ws.security.WSSecurityException: cannot encrypt data
Caused by: java.security.InvalidKeyException: unsupported key type: Sun DSA public key
It seems I have generate the key using RSA type.
Kind regards
Alex
Published by: ao on 12-mar-2012 12:53DSA (Digital Signature Algorithm) keys, by definition, can only be used for the digital signature and not for encryption. As EJP suggested, you must use the RSA key-type and the SHA1withRSA - I would recommend using SHA256withRSA - construct to allow the confidentiality of messages.
Arshad Noor
StrongAuth, Inc..
Maybe you are looking for
-
The printer is an Epson. I tried to restart the computer and the printer without improvement. Have fiddled with every setting I can find...
-
I received the alert to update Firefox, but during download and try to install, by moving the Firefox to the Applications icon, receive the message "insufficient privileges" box
-
Add hard drive to the Pavilion e9240f
Can I add another internal hard drive to my HP Pavilion e9240f that works under Windows 7 64-bit? I'm looking to acquire another "Western Digital 1 TB Caviar Green SATA Intellipower 32 MB Cache Bulk/OEM Desktop Hard Drive WD10EADS" to complete the o
-
Start menu don't store and display recently opened programs
One of the ID of the user (Vista computer) will not store & display recently open in the Start Menu programs. The ID shows them correctly. I know how to activate it in the taskbar and Start Menu properties, but it still won't show them. I transferred
-
I bought Probook 4530 s, not even 5 months after the second problem here is for me. my HP DVDRAM GT31L showing each disk as white. It is not read anything, but it burns well after having burned a disc I tested it on another PC, it is readable with al