SSH Public Key is removed from ESXi
+1Hi,we are running 20 Nutanix Nodes with AOS 5.0.1 and ESXi 6.0 as hypervisor. Normally we using passwordless login to the ESXi host using SSH Keys. So we copy our public key as usual to /etc/ssh/keys-%u/authorized_keys, but after a reboot of the ESXi Host our keys are removed.So I modified the sshd_config on the ESXi host to use multiple authorized_keys- AuthorizedKeysFile /etc/ssh/keys-%u/authorized_keys+ AuthorizedKeysFile /etc/ssh/keys-%u/authorized_keys /etc/ssh/keys-%u/authorized_keys2But even with this config, the authorized_keys2 is also deleted.Can anyone assist me to solve this issue in case of our internal security guidline to use passwordless login.Best regardsMarkus
This topic has been closed for replies.
- Nutanix Employee
Hi Markus,
maybe this will help you?
http://cormachogan.com/2016/04/13/ssh-esxi-hosts-without-providing-password/
The key is persistent storage so the nutanix nfs datastores?
Best regards,
Thomas
maybe this will help you?
http://cormachogan.com/2016/04/13/ssh-esxi-hosts-without-providing-password/
The key is persistent storage so the nutanix nfs datastores?
Best regards,
Thomas
+1I don't know if this will help me.
[root@esxi-hp-06:~] chmod +t /etc/ssh/keys-root/authorized_keysThis will be a step that will help, but I think the CVM will overwrite this file from time to time.
[root@esxi-hp-06:~] chmod +t /etc/ssh/keys-root/authorized_keysThis will be a step that will help, but I think the CVM will overwrite this file from time to time.
+29- Nutanix Employee
+1I think the mistake I made, was that I added the key manually to the ESXi Host as I did it in the past with our other VMware ESXi Host. But with the Nutanix Nodes I need to add the Key within the Prism Console using the Cluster Lockdown Feature.
I will test this and will report about it soon.
I will test this and will report about it soon.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.