Difference between authorized_keys and id_rsa.pub [closed] - rsa

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
I am experimenting with vagrant and I see that when I run vagrant, the vagrant box already has an authorized_keys file in ~/.ssh/
Inside is an rsa key. What is the difference in this key and if I create an id_rsa.pub public key myself using
ssh-keygen -t rsa -b 4096 -C "your_email#example.com"

id_rsa.pub is a public key that you add to other hosts' authorized_keys files to allow you to log in as that user. Vagrant has one so it can be added to other hosts' authorized_keys files so it can log in automatically. The one you generated with ssh-keygen is for you to use, not Vagrant.
authorized_keys is a list of public keys that are allowed to log into that specific account on that specific server.
Think of id_rsa.pub as a signature for a specific user and authorized_keys as a list of authorized signatures who can log into that account on that specific host without a password (assuming they can prove they own the signature).

Related

ssh from a cluster node triggers public key error for all remote hosts (MWE for github) [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
Question:
For some reason all remote hosts stopped accepting my ssh key.
While troubleshooting this, I finally realized that even removing my public key completely from github (which should still fall back to password until 8/13) still produces a "publickey" error. How do I fix this?
Steps to reproduce:
remove my cluster account public key from github user settings
attempt to connect (produces error)
[me#login-node:/data/homevols/me] $ssh -T git#github.com
Permission denied (publickey).
Sanity-check:
[me#login-node:/data/homevols/me] $less ~/.ssh/config
Host *
IdentityFile ~/.ssh/id_rsa
/data/homevols/me/.ssh/config (END)
I have never seen GitHub fall back to password with SSH: it uses the technical account git, for which there is no password anyway.
That means ssh -oPubkeyAuthentication=no git#github.com would still return git#github.com: Permission denied (publickey)., without asking for password.
In your case: generate a new SSH key, add the public one to your profile, and try again:
ssh -Tv git#github.com
You should see a Welcome message
> Hi username! You've successfully authenticated, but GitHub does not
> provide shell access.

How to change Postgres database username from inside the pod? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I want to change my Postgres database username and password for the running pod.
I am able to change the password but how to change the username?
Connect to the pod:
kubectl exec -it <pod-name> bash
Run psql
# psql
psql>
Create the user:
CREATE USER name CREATEUSER;
ALTER USER name WITH PASSWORD 'your-password';
or simply run createuser from the pod:
# createuser --aduser name

ssh: pgbarman setup issues in Amazon-EC2 & Azure [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I have two servers, one in Amazon EC2 instance (t1.medium) and another in Microsoft Azure (medium) instance. Both these servers have the same config Ubuntu LTS 12.04.1, 64-bit arch running PostgreSQL 9.1. I need to setup disaster recovery system on Azure (turn on WAL archiving for the Amazon instance's Database for my specific schedules of data backups via pgbarman).
While going through the pgbarman-docs, one of the mandatory requirements is thaat,
ssh communication required on both ends without password authentication/prompt. (Pgbarman has a pre-requisite to have postgres#amazon to ssh directly to barman#azure and vice-versa. See, Getting started with Pgbarman).
But my complexities for logging to these instances are below:
Amazon EC2 has a .pem file which can be accessed without any password authentication: ssh -i my-pem-file.pem ubuntu#my-instance-public-ip-region.compute.amazonaws.com
Azure doesn't has a .pem file. Instead, it can be accessed with a password mechanism: ssh azure-user#app.cloudapp.net
Still, to enable the setup I did the below,
I created a key file postgres-barman.pub via ssh-keygen from barman#azure.
Transferred this file to Amazon via ssh-copy-id -i ubuntu#amazon (See below links for more information)
My problems are:
ssh Azure to Amazon:
I cannot transfer this file to postgres user:
cat postgres-barman.pub | ssh -i my-pem-file.pem postgres#amazon 'cat >> .ssh/authorized_keys' but if I change destination's user to ubuntu, the file gets copied.
After transferring the file (via ubuntu user), I try to do this: ssh postgres#amazon. It fails.
ssh Amazon to Azure
The same file is now residing on both sides. Still, if I issue ssh barman#azure, it asks for a password authentication (which is set to yes in /etc/ssh/sshd_config of the Azure instance). I cannot proceed with this die to barman pre-req.
Amazon allows to be sshed only via ubuntu user. I need to be enable this for postgres user. Can this be done?
Note: Amazon has PasswordAuthentication set to no in it's sshd_config file.
References:
ssh-copy-id:
Ubuntu SSH,
3 steps to Perform SSH Login Without Password Using ssh-keygen & ssh-copy-id and
SSH-in-Linux.
Anyway, I got it sorted out.
I wasn't doing the configuration properly. This is what I did.
On Amazon:
ubuntu#amazon~$ sudo -s
root#amazon~$ passwd postgres
Enter new UNIX Password:
ubuntu#amazon~$ su - postgres
Password:
postgres#amazon~$ ssh-keygen -t rsa
postgres#amazon~$ scp .ssh/id_rsa.pub barman#azure-ip:~/.ssh/
On Azure:
ubuntu#azure~$ sudo -s
root#azure~$ passwd barman
Enter new UNIX Password:
ubuntu#azure~$ su - barman
Password:
barman#azure~$ cd .ssh
barman#azure~$ cat .ssh/id_rsa.pub >>~/.ssh/authorized_keys
Now, ssh to azure:
postgres#amazon:~$ ssh barman#azure
Now, repeat the same for Azure.
Only difference was that, the key transfer to Amazon wasn't happening via scp. So, I copied the contents from id_rsa.pub in barman#azure's /.ssh folder, pasted in postgres#amazon's .ssh/authorized_keys file and saved it.
Now, ssh to amazon:
barman#azure:~$ ssh postgres#amazon
It works! Thanks for the advice!
References:
Switch user in Linux/Ubuntu
Barman-setup-explained
Now to worry about barman' cronjob.

accessing MATLAB from a different user account [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I have MATLAB installed in my home directory on a linux machine which has multiple users. I want to allow one specific user and not all users to be able to run MATLAB from his user login. How can I do this?
I believe that one way to do this is to change the permissions of my home directory so that it's accessible to all users but I don't want to do that.
You can change the permissions on just the MATLAB install.
If MATLAB is installed to /home/*squirly*/MATLAB, you could run the command below to make it accessible to all users.
chmod -R a+rw /home/*squirly*/MATLAB
If you do not own the directory you will need to prepend the command with sudo.
BONUS:
If you want to allow only some users to use MATLAB.
Make a group called matlab:
sudo groupadd matlab
Make matlab the group owner of the matlab install:
sudo chgrp -R matlab /home/*squirly*/MATLAB
Allow the group to read/write to the matlab directory:
sudo chmod -R g+rw /home/*squirly*/MATLAB
Add users who will use matlab to the matlab group:
sudo usermod -aG matlab *squirly*

GitHub SSH Config: "Bad configuration option: IdentifyFile" [closed]

Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed last year.
The community reviewed whether to reopen this question last year and left it closed:
Original close reason(s) were not resolved
Improve this question
I'm trying to create a .ssh/config file for multiple SSH accounts (specifically for github.com). I've tried several tutorials and github help walk-throughs but nothing seems to work.
I created a id_rsa_test and id_rsa_test.pub. I uploaded id_rsa_test.pub to github.
I then created a ~/.ssh/config file with the following:
# github account
Host github.com-test github.com
Hostname github.com
User git
IdentifyFile ~/.ssh/id_rsa_test
and
# github account
Host github.com-test github.com
Hostname github.com
User git
IdentifyFile ~/.ssh/id_rsa_test.pub
I then try several commands. i.e.:
git clone git#github-test:username/my_project.git
git push
...everytime I get the following error:
/home/username/.ssh/config: line 5: Bad configuration option: IdentifyFile
/home/username/.ssh/config: terminating, 1 bad configuration options
fatal: The remote end hung up unexpectedly
Any suggestions?
It is IdentityFile with a 't', not IdentifyFile.