Network Storage Protocols Discussions
I am trying to ssh without password to my filers but after i generated my ssh keys, I tried to create a folder
it will not allow me to create a root directory
I am trying to copy this authorized_keys file to
It is filer\C$\etc\sshd\root not filer\C$\etc$\sshd\root.
yes its that directory but I cannot create the root directory
Are you able to create any directory under /etc at all? Do you have CIFS license? What is security style of root volume?
If you do not have neither CIFS nor NFS licenses, you could create this directory using diag account.
Note: take care using this account.
First, enter in advanced mode:
filer> priv set advanced
Now, unlock and set a password to diag account:
filer*> useradmin diaguser unlock
filer*> useradmin diaguser password
Enter in the systemshell, create the directory you need and put the pubkey generated in the authorized_keys file:
Password: the same you set in the previous step
filer% mkdir -p /mroot/etc/sshd/root/.ssh
filer% vi /mroot/etc/sshd/root/.ssh/authorized_keys
filer% sudo chown -R root:wheel /mroot/etc/sshd/root
filer% sudo chmod -R 0600 /mroot/etc/sshd/root
Then, exit systemshell, lock diag account and exit advanced mode:
filer*> useradmin diaguser lock
filer*> priv set admin
You should have added that it applies to Data ONTAP 8.x only.
Hi aborzenkov, you are right!
But even Data ONTAP is previous than 8.x , it is possible to accomplish this task only through CLI.
filer> wrfile /etc/authorized_keys
filer> ndmpd status
filer> ndmpd on (if is off)
filer> ndmpcopy /etc/authorized_keys /etc/sshd/root/.ssh
filer> ndmp off (if it was off in the previous step)
filer> priv set diag
filer> rm /etc/authorized_keys
filer> priv set admin
ok i created the dir and put in the authorized_keys file under
but still ssh from my management workstation asking for password
The right path is:
Also make sure the option bellow is set to 'on':
still not working. strange.
authorized_keys is under
authorized keys was generated from my mgmt workstation
Could you show how you generate your keys?
In time: the path you put is not right yet.
It is the right:
Note: best practice is to disable ssh1 because it is not secure.
ssh-keygen -t rsa -b 1024
ssh-keygen -t dsa -b 1024
cat id_dsa.pub > authorized_keys
cat id_rsa.pub >> authorized_keys
this path is not right?
i have no cifs license
directory permission is correct?
xxxx% ls -la /root/.ssh
lrwxrwxrwx 1 root wheel 19 Mar 16 2011 /root/.ssh -> /var/home/root/.ssh
xxxxx% cd /var/home/root
xxxxx% ls -la
drwxr-xr-x 3 root wheel 512 May 3 2007 .
drwxr-xr-x 5 root wheel 512 May 3 2007 ..
This is the output from filer in systemshell?