Subscribe

passwordless ssh to filer

I am trying to ssh without password to my filers but after i generated my ssh keys, I tried to create a folder

\\filer\C$\etc$\sshd\root

it will not allow me to create a root directory

I am trying to copy this authorized_keys file to

\\filer\c$\etc\sshd\root\.ssh

help

Re: passwordless ssh to filer

It is
filer\C$\etc\sshd\root not
filer\C$\etc$\sshd\root.

Re: passwordless ssh to filer

yes its that directory but I cannot create the root directory

Re: passwordless ssh to filer

Are you able to create any directory under /etc at all? Do you have CIFS license? What is security style of root volume?

Re: passwordless ssh to filer

If you do not have neither CIFS nor NFS licenses, you could create this directory using diag account.

Note: take care using this account.

First, enter in advanced mode:

filer> priv set advanced

Now, unlock and set a password to diag account:

filer*> useradmin diaguser unlock

filer*> useradmin diaguser password

Enter in the systemshell, create the directory you need and put the pubkey generated in the authorized_keys file:

filer*> systemshell

login: diag

Password: the same you set in the previous step

filer% mkdir -p /mroot/etc/sshd/root/.ssh

filer% vi /mroot/etc/sshd/root/.ssh/authorized_keys

filer% sudo chown -R root:wheel /mroot/etc/sshd/root

filer% sudo chmod -R 0600 /mroot/etc/sshd/root


Then, exit systemshell, lock diag account and exit advanced mode:

filer% exit

filer*> useradmin diaguser lock

filer*> priv set admin

Re: passwordless ssh to filer

You should have added that it applies to Data ONTAP 8.x only.

Re: passwordless ssh to filer

Hi aborzenkov, you are right!

But even Data ONTAP is previous than 8.x , it is possible to accomplish this task only through CLI.

filer> wrfile /etc/authorized_keys

filer> ndmpd status

filer> ndmpd on (if is off)

filer> ndmpcopy /etc/authorized_keys /etc/sshd/root/.ssh

filer> ndmp off (if it was off in the previous step)

filer> priv set diag

filer> rm /etc/authorized_keys

filer> priv set admin

Re: passwordless ssh to filer

ok i created the dir and put in the authorized_keys file under


filer\c$\etc\sshd\root

but still ssh from my management workstation asking for password

Re: passwordless ssh to filer

The right path is:

filer\c$\etc\sshd\root\.ssh

Also make sure the option bellow is set to 'on':

options ssh.pubkey_auth.enable

Re: passwordless ssh to filer

still not working. strange.

options ssh

ssh.access *

ssh.enable on

ssh.idle.timeout 0

ssh.passwd_auth.enable on

ssh.port 22

ssh.pubkey_auth.enable on

ssh1.enable on

ssh2.enable on

authorized_keys is under


filer\c$\etc\root\.ssh\authorized_keys

authorized keys was generated from my mgmt workstation