ssh -i PATH_TO_KEY: evoking the key . in the right path ...

dilbertone · November 29, 2014, 9:24pm

hello dear linux experts

i have to run a tunneling process

therefore in need to add ssh credentials …

so that i can find it and call it to start a port forwarding process with this line .

i have this


linux-70ce:/home/martin # ssh -p525 -L 7799:127.0.0.1:7799 vhost@www2.myhost.org
The authenticity of host '[www2.myhost.org]:525 ([xxx.yy.zz.www]:525)' can't be established.
ECDSA key fingerprint is 33:1e:c5:d7:22:11:7c:aa:46:be:83:dc:eb:ee:13:00.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added '[www2.myhost.org]:525,[xxx.yy.zz.www]:525' (ECDSA) to the list of known hosts.
Permission denied (publickey).
linux-70ce:/home/martin # ssh -p525 -L 7799:127.0.0.1:7799 vhost@www2.myhost.org
Permission denied (publickey).

can i use this command

martin@linux-70ce:~> ssh -i PATH_TO_KEY

and add the path to key

/home/martin/all_safings/my_backups and so forth

many thanks for any and all help

ab · November 29, 2014, 10:53pm

Yes, it’s nice to use the -i explicitly if you can to avoid needing to use
the SSH agent which may or may not be able to interact with a user beforehand.

–
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below…

dilbertone · November 30, 2014, 12:53am

hello dear ab many thanks for he hints

note:the hint is very helpful.

i ve had some peek views on the OpenSSH Documentation and the Permission denied (publickey).



Chances are, your /home/user and ~/.ssh/authorized_keys permissions are too open by OpenSSH standards. 
You can get rid of this problem by issuing the following commands:
$ chmod go-w ~/
$ chmod 700 ~/.ssh
$ chmod 600 ~/.ssh/authorized_keys

cf http://wiki.aoxoa.com/Ssh
https://kimmo.suominen.com/docs/ssh/
http://wiki.aoxoa.com/SSH_Access_to_Greengeeks

one word regarding the public key we were discussing in this thread: of course it is not necessary to publish a pub key to the server -
so - to go ahead with the solutions:

some important documentation-things that we need:


martin@linux-70ce:~> ssh -i PATH_TO_KEY
Warning: Identity file PATH_TO_KEY not accessible: No such file or directory.
usage: ssh -1246AaCfgKkMNnqsTtVvXxYy] -b bind_address] -c cipher_spec]
           -D [bind_address:]port] -e escape_char] -F configfile]
           -I pkcs11] -i identity_file]
           -L [bind_address:]port:host:hostport]
           -l login_name] -m mac_spec] -O ctl_cmd] -o option] -p port]
           -R [bind_address:]port:host:hostport] -S ctl_path]
           -W host:port] -w local_tun:remote_tun]]
           [user@]hostname [command]
martin@linux-70ce:~>

so i use this command

martin@linux-70ce:~> ssh -i PATH_TO_KEY

and add the path to key which may look like so; /home/martin/all_safings/my_backups and so forth

finally the full line would be something like this:

ssh -i /some/path/to/some/key -p525 -L 7799:127.0.0.1:7799 vhost@www2.myhost.org

Of course we can configure the server, path to key etc in ~/.ssh/config

see some hints:
http://www.cyberciti.biz/faq/create-ssh-config-file-on-linux-unix/
http://nerderati.com/2011/03/17/simplify-your-life-with-an-ssh-config-file/

by the way we also can configure the server, path to key etc in ~/.ssh/config
with more information - eg from here http://manpages.ubuntu.com/manpages/trusty/en/man5/ssh_config.5.html

on a sidenote: Though sometimes linux will choke we have more than a few keys in ~/.ssh/ even if we are trying to use just one, so we have to tell ssh to ignore the ones in the keyring.

ssh -i /some/path/to/some/key -o IdentitiesOnly=yes -p525 -L 7799:127.0.0.1:7799 vhost@www2.myhost.org

subsequently - many thanks for discussing this issue with me.

i regard this topic as solved.

best regards