I have a Public Cloud instance via OVH. I reinstalled my computer without backing up my ssh-key. I also forgot the root password for the server. I do have access to my Public Cloud control panel and rebooted with rescue mode.
However, when I change my root password (via the noVNC console) and then reboot to my Ubuntu disk, the new password is incorrect.
The passwd command returns: passwd: password updated successfully!.
But then I can't login as root with the new password after exiting rescue mode.
What am I doing wrong?:
By default, password login for root and the default user is not possible by ssh. If you used a key, you'll need to replace that key via the Rescue Mode. You can follow that guide to do that : Replacing your lost ssh key pair
Also, remember that you need to mount your partition containing your OS before doing any modification. The step are well describe in the OVH documentation here : Put an instance in Rescue Mode
When you are in rescue mode and you change the password with passwd, you change the password for the rescue mode only !
If you want to change you "normal OS" password from the rescue mode, you first need to chroot into the partition holding your "normal OS" and then use passwd there to change your password:
$ chroot /mnt/vdb1/
$ passwd
More details in the official doc
Related
I am using vscode to connect to a remote host. I use Remote-SSH (ms-vscode-remote.remote-ssh) extension to do so. Every time I want to connect to the remote host, I need to enter the password.
Is there a way to save the ssh password to vscode?
To setup password-less authentication for ssh on Visual Studio Code, perform the following steps.
These examples assume the following (replace with your actual details)
Host: myhost
Local User: localuser
Remote User: remoteuser
Remote User Home Dir: remoteuserhome
SSH Port: 22
I'm using a Mac so Windows will be a bit different but the basics are the same
Tell VS Code and your machine in general how you will be connecting to myhost
Edit:
/Users/<localuser>/.ssh/config
Add:
Host <myhost>
HostName <myhost>
User <remoteuser>
Port 22
PreferredAuthentications publickey
IdentityFile "/Users/<localuser>/.ssh/<myhost>_rsa"
Next generate a public and a private key with something like OpenSSL
ssh-keygen -q -b 2048 -P "" -f /Users/<localuser>/.ssh/keys/<myhost>_rsa -t rsa
This should make two files:
<myhost>_rsa (private key)
<myhost>_rsa.pub (public key)
The private key (<myhost>_rsa) can stay in the local .ssh folder
The public key (<myhost>_rsa.pub) needs to be copied to the server (<myhost>)
I did it with FTP but you can do it however you wish but it needs to end up in a similar directory on the server.
ON THE SERVER
There is a file on the server which has a list of public keys inside it.
<remoteuserhome>/.ssh/authorized_keys
If it exists already, you need to add the contents of <myhost>_rsa.pub to the end of the file.
If it does not exist you can use the <myhost>_rsa.pub and rename it to authorized_keys with permissions of 600.
If everything goes according to plan you should now be able to go into terminal and type
ssh <remoteuser>#<myhost>
and you should be in without a password. The same will now apply in Visual Studio Code.
Let's answer the OP's question first:
How to 'save ssh password'?
Since there is no such thing as "ssh password", the answer to "how to save the remote user password" is:
This is not supported by VSCode.
VSCode proposes to setup an SSH Agent in order to cache the passphrase (in case you are using an encrypted key)
But if the public key was not properly registered to the remote account ~/.ssh/authorized_key, SSH daemon will default to the remote user credentials (username/password).
It is called PasswordAuthentication, often the remote user password.
And caching that password is not supported for SSH sessions.
It is only supported by a Git credential helper, when using HTTPS URLs.
(it defers to the OS underlying credential manager)
But I don't know of a remote user password cache when SSH is used.
As Chagai Friedlander comments, the answer to the original question is therefore:
No, but you can use SSH keys and that is better.
Speaking of SSH keys:
"ssh password": Assuming you are referring to a ssh passphrase, meaning you have created an encrypted private key, then "saving the ssh password" would mean caching that passphrase in order to avoid entering it every time you want to access the remote host.
Check first if you can setup the ssh-agent, in order to cache the passphrase protecting your private key.
See "VSCode: Setting up the SSH Agent"
This assumes you are using an SSH key, as described in "VSCode: Connect to a remote host", and you are not using directly the remote user password.
Using an SSH key means its public key would have been registered to the remote account ~/.ssh/authorized_keys file.
This section is the workaround the OP ended up accepting: registering the public key on the remote user account, and caching the local private key passphrase worked.
For those trying to connect through Vscode Remote SSH Extension steps provided at https://code.visualstudio.com/docs/remote/troubleshooting#_ssh-tips)
For Windows(Host) --> Linux(Remote)
Create an SSH .pub key in your windows ssh-keygen -t rsa -b 4096
Copy the contents of the .pub key (default path C:\Users\username/.ssh/id_rsa.pub)
SSH into Remote machine and append the contents of the pub key in authorized keys echo "pub-key" >> ~/.ssh/authorized_keys
I'm trying to setup passwordless ssh access to my cluster.
I've used ssh-copy-id clsadmin#my-clusterhostname and entered the cluster password when promoted. The output from ssh-copy-id shows:
Number of key(s) added: 1
However, when I try to ssh into the cluster, I'm prompted for my password. If I log in to the cluster, I can see the key has been added to ~/.ssh/authorized_keys.
Why is passwordless ssh not working after these steps?
The problem seemed to be because I had used a DSA key. After creating a RSA key and copying that to the cluster, I was able to login over ssh without entering my credentials.
I followed the guide from https://help.github.com/articles/generating-ssh-keys/ to generate a ssh key used to connect to github from my server.
The problem is if I close the shell and login the server again, I have to repeat below steps to reconnect to github, otherwise the accessing will be denied:
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_rsa
How can I setup a permanent connection with github?
Since you are logging on to the command-line (presumably using SSH) all applications that you run, including ssh-agent, stop when you log out.
In my opinion your best bet is to have your CentOS machine start ssh-agent for you each time you log in, then manually use ssh-add to add your key. This can be done by modifying your shell's login script. If you are using bash, this file is called ~/.bash_profile. If you are using another shell, refer to its documentation and choose an appropriate file.
Edit one of these files and add eval "$(ssh-agent -s)" at the end.
Now, each time you log in ssh-agent should automatically start, and you can optionally run ssh-add (since you are using a file that ssh-add looks for by default you don't need to pass the file to the command) to add your key, then do Git stuff.
It sounds like you want to automate the adding of the key as well. This isn't something that I would choose to do since I like adding keys to be explicit, but because you don't have a passphrase on your SSH key you should be able to add ssh-add to the same file we modified above (after we start the agent, of course) and have your key added automatically.
Thanks #Chris
I did the following and it worked:-
Step1:- .bash_profile
Step2:- enter image description here
Step3:-source .bash_profile
Step4:- enter image description here
I'm trying to execute below command using Putty pscp tool.
pscp -v -pw mypassword "X:\data\temp*" root#172.x.x.x:\tmp\data
I'm getting following error.
Fatal: Disconnected: No supported authentication methods available
I have to pass user name and password. And on target system I don't have much of control.
Could anybody point out what I'm doing wrong?
The remote server might be rejecting ssh with a password. You could try to set up DSA or RSA keys with puttygen but you would need to change the key on the remote site. Does this work with ftp? Root login might also be disabled, and besides its usually a bad idea. That is why someone suggested that this go to the superuser forum. Root is not a regular user and remote login might be disabled in /etc/sshd_config.
Changed
...
PermitRootLogin no
...
PasswordAuthentication no
...
To
...
PermitRootLogin yes
...
PasswordAuthentication yes
And it worked!
First, my teammate is successfully deploying on almost exactly the same setup and using the exact same config as me re deploy. Therefore, cannot be a deploy configuration issue, there is nothing local or unique to any of our machines.
Second, I can successfully login via my machine using ssh user#server.com without password prompt.
However, I have tried everything to stop capistrano asking this question:
--recursive; fi"
servers: ["myserver.com"]
Password:
* [deploy:update_code] rolling back
I have tried every single password I have, and not entering a password. I don't even know what this password is for. Is it SSH? Because I don't even have a password protected key file.
I'm totally lost and I've literally been debugging this for 5 hours now without a single change in status. I'd really appreciate some help on how I can find out what the problem is.
Note, cap deploy simply works for my teammate using same config, same server. Everything, except different key file (note mine works and tested via ssh command).
Do you have to specify user#server.com to SSH to your server successfully (i.e., do you have a different username on your remote server from your local machine)?
You might just need to tell Capistrano what username it should be using to connect with by adding it to your deploy.rb:
set :user, "your-username"
You could also change the default username SSH will pick for that server by using ~/.ssh/config:
Host your.server.name
User your-username