Unsolved
This post is more than 5 years old
5 Practitioner
•
274.2K Posts
0
11154
Data Domain adminaccess ssh
I am trying to add a public rsa key generated on a Linux client to a Data Domain running 5.7.1.
It successfully imports, but the key gets broken up in multiple separate line.
I import it with the command:
$ cat id_rsa.pub | ssh -l sysadmin
It fails to be referenced at a login attempt because for some reason it gets parsed into 7 separate lines when it is piped into adminaccess.
Does this problem look familiar to anyone?
When I log onto the Data Domain, it should look like this:
# adminaccess show ssh-keys
User "sysadmin" :
1 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC67V1jgwpKJwLIdJ77iuaOSqmKFLmBvXaNcfGD2PUvloaPH6eoHJA8jbGtwLAqjXdlSxGJkh3sfyXszROtspJgGDnHC1M2xfzU6OWubyY37o0c2TdkshPDTtRIiC7pCVPDInKVx3RETRiEqrEIpQIfcPKJDwCvx65AFgS40z9nZSeqeh1ny5KtIXTO7gm6gdsPnLdLKLiYwkqlwlbesCPMEnfGLAZCvft6k331s9QM746zRIbTSb0bv1f60uqCD2HFinmrDGotS5NVDZJZPby6ckkvBuPbHDRXjnQyMk17m7zaEEgT2enlEwmlkmQtutM4Bei0jaR7YWUiS1jYEHQv walkerm@USCSWALKERML1C
But instead it looks something like this:
# adminaccess show ssh-keys
User "sysadmin" :
1 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC67V1jgwpKJwLI
2 dJ77iuaOSqmKFLmBvXaNcfGD2PUvloaPH6eoHJA8jbGtwLAqjXdlSx
3 GJkh3sfyXszROtspJgGDnHC1M2xfzU6OWubyY37o0c2TdkshPDTtRIi
4 C7pCVPDInKVx3RETRiEqrEIpQIfcPKJDwCvx65AFgS40z9nZSeqeh1
5 ny5KtIXTO7gm6gdsPnLdLKLiYwkqlwlbesCPMEnfGLAZCvft6k331s9Q
6 M746zRIbTSb0bv1f60uqCD2HFinmrDGotS5NVDZJZPby6ckkvBuPbHD
7 RXjnQyMk17m7zaEEgT2enlEwmlkmQtutM4Bei0jaR7YWUiS1jYEHQv wergem@USCSWERGEML1C
Sacto_NSR_Guru
16 Posts
1
November 18th, 2016 14:00
I've seen a similar issue and have used this syntax to import the keys with success:
That should do the same as your cat pipe method but you might try it anyway. Also before you insert the new key delete the multi-line key that was inserted before.
One last thought is around how the current key file looks. If you edited it with a Windows box it may have some Windows style carriage returns in it that cause the Data Domain to break up the key. Make sure that it is in a Linux format and doesn't have any carriage returns in it.
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
November 19th, 2016 12:00
I actually used the append-from-the-end method first, before I had tried the cat-pipe method I posted above. It had produced the same result.
The key files were generated on Linux, and never left the server. I examined them in vi with ":set lines" and did not see and EOL's.
I asked the customer to forward me the pub key so that I can experiment with it on a lab DD. I'l see what I can determine on Monday.
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
November 21st, 2016 11:00
The problem may be that is an SSH2 key pair. Going to try an SSH1 key pair . . .
Sacto_NSR_Guru
16 Posts
0
November 21st, 2016 13:00
I have found that DCA encryption doesn't work anymore. I used ECDSA encryption and that is working. I'm not sure if this will affect importing the actual key though.
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
November 22nd, 2016 08:00
Not going to post a resolution for this one. The key pairs were intended as an authentication mechanism for a Java executable. Instead, we're just going to use Java to generate an encrypted binary to add to the config file. Similar to /etc/passwd and /etc/shadow.