In the PowerShell window, what is the output of $ssh? The SessionId should be 0. If it is not, please close all other SSH sessions. Be sure to also close and re-open the current PowerShell window.
Best regards,
Ben
IFS | GSD Technology
Thank you for the quick replies.
Hi Shirantha,
Please find the attached logfiles.
Hi Ben,
I closed all the powershell windows and start a new one after restarting management server. But the issue still remains.
Best regards,
Lakmal
Got a similar issue while doing a fresh installation because the linux directories and files of /home/ifs did not have the correct set of permissions. Had to correct the permissions as below.
Not sure if this would help or not.
Best Regards,
Devin
Hi Lakmal,
So, before closing the PowerShell window, what was the SessionId for $ssh?
You will not be able to confirm it after closing the window. You will need to run the batch file again and then check.
Best regards,
Ben
Hi Lakmal,
So, before closing the PowerShell window, what was the SessionId for $ssh?
You will not be able to confirm it after closing the window. You will need to run the batch file again and then check.
Best regards,
Ben
Hi Ben,
Following command returned nothing.
PS C:\ifsroot> $ssh PS C:\ifsroot>
Regards,
Lakmal
Got a similar issue while doing a fresh installation because the linux directories and files of /home/ifs did not have the correct set of permissions. Had to correct the permissions as below.
Not sure if this would help or not.
Best Regards,
Devin
Hi Devin,
Permissions are correct (ifs user have access).
ifs@xxxxprod:/home$ ls -all total 12 drwxr-xr-x 3 root root 4096 Oct 4 2021 . drwxr-xr-x 21 root root 4096 Jan 5 10:38 .. drwxr-xr-x 5 ifs ifs 4096 Mar 17 14:09 ifs
ifs@xxxxprod:~$ ls -all total 44 drwxr-xr-x 5 ifs ifs 4096 Mar 17 14:09 . drwxr-xr-x 3 root root 4096 Oct 4 2021 .. -rw------- 1 ifs ifs 442 Mar 17 14:08 .bash_history -rw-r--r-- 1 ifs ifs 220 Feb 25 2020 .bash_logout -rw-r--r-- 1 ifs ifs 3771 Feb 25 2020 .bashrc drwx------ 2 ifs ifs 4096 Oct 4 2021 .cache -rw-r--r-- 1 ifs ifs 807 Feb 25 2020 .profile drwx------ 3 ifs ifs 4096 Jan 5 10:44 snap drwxrwxr-x 2 ifs ifs 4096 Jan 5 10:37 .ssh
ifs@xxxxprod:~$ cd .ssh/ ifs@xxxxprod:~/.ssh$ ls -all total 20 drwxrwxr-x 2 ifs ifs 4096 Jan 5 10:37 . drwxr-xr-x 5 ifs ifs 4096 Mar 17 14:09 .. -rw-rw-r-- 1 ifs ifs 8317 Mar 27 11:50 authorized_keys
Best regards,
Lakmal
Hi @Lakmal,
Are you able to ssh into the Linux server manually from the Windows Management Server? You can check using the following command:
ssh ifs@<LinuxHost>
Run the above command in a command line and enter the password for the Linux server when prompted. See if you can either login or get any specific error.
Hope this helps!
Hi @Lakmal,
Are you able to ssh into the Linux server manually from the Windows Management Server? You can check using the following command:
ssh ifs@<LinuxHost>
Run the above command in a command line and enter the password for the Linux server when prompted. See if you can either login or get any specific error.
Hope this helps!
Hi Charith,
Yes, I can connect with ssh.
I can reproduce the same error with “.\main.ps1 -resource 'REBOOT-LINUXBOX'”.
Exception Occured While Opening Connection with the Linux Box. 2023-03-27 14:07:45.06 XXXXPROD-MNT Stop Open-ConnectionsWithLinuxBox C:\ifsroot\main.ps1 : Error found in ScriptHalted. Please check logs for details. At line:1 char:1 + .\main.ps1 -resource 'REBOOT-LINUXBOX' + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) oWrite-Error], WriteErrorException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,main.ps1
>>> Finalize Script Execution <«
Best regards,
Lakmal
Got a similar issue while doing a fresh installation because the linux directories and files of /home/ifs did not have the correct set of permissions. Had to correct the permissions as below.
Not sure if this would help or not.
Best Regards,
Devin
Hi Devin,
Permissions are correct (ifs user have access).
ifs@xxxxprod:/home$ ls -all total 12 drwxr-xr-x 3 root root 4096 Oct 4 2021 . drwxr-xr-x 21 root root 4096 Jan 5 10:38 .. drwxr-xr-x 5 ifs ifs 4096 Mar 17 14:09 ifs
ifs@xxxxprod:~$ ls -all total 44 drwxr-xr-x 5 ifs ifs 4096 Mar 17 14:09 . drwxr-xr-x 3 root root 4096 Oct 4 2021 .. -rw------- 1 ifs ifs 442 Mar 17 14:08 .bash_history -rw-r--r-- 1 ifs ifs 220 Feb 25 2020 .bash_logout -rw-r--r-- 1 ifs ifs 3771 Feb 25 2020 .bashrc drwx------ 2 ifs ifs 4096 Oct 4 2021 .cache -rw-r--r-- 1 ifs ifs 807 Feb 25 2020 .profile drwx------ 3 ifs ifs 4096 Jan 5 10:44 snap drwxrwxr-x 2 ifs ifs 4096 Jan 5 10:37 .ssh
ifs@xxxxprod:~$ cd .ssh/ ifs@xxxxprod:~/.ssh$ ls -all total 20 drwxrwxr-x 2 ifs ifs 4096 Jan 5 10:37 . drwxr-xr-x 5 ifs ifs 4096 Mar 17 14:09 .. -rw-rw-r-- 1 ifs ifs 8317 Mar 27 11:50 authorized_keys
Best regards,
Lakmal
Hi Lakmal,
authorized_keys should have ideally 600 permission set, as it should have read and write permissions for the owner and not be accessible by group and others. Worth a try :)
Best Regards,
Devin
Got a similar issue while doing a fresh installation because the linux directories and files of /home/ifs did not have the correct set of permissions. Had to correct the permissions as below.
Not sure if this would help or not.
Best Regards,
Devin
Hi Devin,
Permissions are correct (ifs user have access).
ifs@xxxxprod:/home$ ls -all total 12 drwxr-xr-x 3 root root 4096 Oct 4 2021 . drwxr-xr-x 21 root root 4096 Jan 5 10:38 .. drwxr-xr-x 5 ifs ifs 4096 Mar 17 14:09 ifs
ifs@xxxxprod:~$ ls -all total 44 drwxr-xr-x 5 ifs ifs 4096 Mar 17 14:09 . drwxr-xr-x 3 root root 4096 Oct 4 2021 .. -rw------- 1 ifs ifs 442 Mar 17 14:08 .bash_history -rw-r--r-- 1 ifs ifs 220 Feb 25 2020 .bash_logout -rw-r--r-- 1 ifs ifs 3771 Feb 25 2020 .bashrc drwx------ 2 ifs ifs 4096 Oct 4 2021 .cache -rw-r--r-- 1 ifs ifs 807 Feb 25 2020 .profile drwx------ 3 ifs ifs 4096 Jan 5 10:44 snap drwxrwxr-x 2 ifs ifs 4096 Jan 5 10:37 .ssh
ifs@xxxxprod:~$ cd .ssh/ ifs@xxxxprod:~/.ssh$ ls -all total 20 drwxrwxr-x 2 ifs ifs 4096 Jan 5 10:37 . drwxr-xr-x 5 ifs ifs 4096 Mar 17 14:09 .. -rw-rw-r-- 1 ifs ifs 8317 Mar 27 11:50 authorized_keys
Best regards,
Lakmal
Hi Lakmal,
authorized_keys should have ideally 600 permission set, as it should have read and write permissions for the owner and not be accessible by group and others. Worth a try :)
Best Regards,
Devin
Hi Devin,
Same issue after setting .ssh directory permissions to 700 and the authorized_keys permissions to 600.
Best regards,
Lakmal
Hi @Lakmal
I can reproduce the same error with “.\main.ps1 -resource 'REBOOT-LINUXBOX'”.
2023-03-27 14:07:44.98 XXXXPROD-MNT Open Connections with Linux Box(XXXXprod-ifsV1.xxxprod.local)... New-SSHSession : Permission denied (publickey).
According to this error, it could be an issue with the SSH public and private keys.
Please check whether the id_rsa and id_rsa.pub keys are present in the following directory in your Windows Management Server:
\\ifsroot\config\secrets\.ssh\
If you open the public key(id_rsa.pub), it should have a string in following format:
Make sure you are logged in as the given OSUserName in above.
After this, login to the Linux server and check the content of authorized_keys file there. It should have the content of the id_rsa.pub file.
Hope this helps!
Hi Charith,
I can confirm that the public key recorded in the id_rsa.pub is added to the authorized_keys file with many other previous entries. And I’m logged in as a mentioned user name in id_rsa.pub.
Regards,
Lakmal
Is there an update on this - experiencing the same issue. Everything looks correct, but the public key permission issue persists.
I expirieced the same issue root cause was SSH server gives "userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]" when connecting
Following help me to resolve the issue
1. Add this line in /etc/ssh/sshd_config. in Ubuntu server
PubkeyAcceptedAlgorithms +ssh-rsa
2. Afterwards, restart the sshd service to make the new settings come into effect.
This solved the issue for me. Although my error message was “Key exchange negotiation failed”, and not same as topic starter.
I expirieced the same issue root cause was SSH server gives "userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]" when connecting
Following help me to resolve the issue
1. Add this line in /etc/ssh/sshd_config. in Ubuntu server
PubkeyAcceptedAlgorithms +ssh-rsa
2. Afterwards, restart the sshd service to make the new settings come into effect.
$ sudo systemctl restart sshd
This one crashed the whole SSH for me. Had to reset it from the VM console.
So make sure your sshd does restart cleanly and systemctl status ssh.service shows ‘active’ before you close the connection. (It doesn’t drop the current connection, but if you exit you won’t get back)
We’re experiencing this problem with .\main.ps1 -resource 'KUBERNETES' “
2024-02-27 09:33:36.70 DSE1VMPE160 Ping for Prerequisites Modules... Module Posh-SSH exists. 2024-02-27 09:33:36.87 DSE1VMPE160 Open Connections with Linux Box(dse1k8s494)... New-SFTPSession : Channel was closed. At C:\ifsroot\utils\common.psm1:48 char:24 + ... OBAL:sftp = New-SFTPSession -ComputerName $NodeName -Credential $cred ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (Renci.SshNet.SftpClient:SftpClient) RNew-SFTPSession], SshException + FullyQualifiedErrorId : SSH.NewSftpSession
Exception Occured While Opening Connection with the Linux Box. 2024-02-27 09:33:37.51 DSE1VMPE160 Stop Open-ConnectionsWithLinuxBox C:\ifsroot\main.ps1 : Error found in ScriptHalted. Please check logs for details. At line:1 char:1 + .\main.ps1 -resource 'KUBERNETES' + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) aWrite-Error], WriteErrorException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,main.ps1
>>> Finalize Script Execution <<<
“
Doesn’t seem to be anything in the logs, just the SshException . SSH works fine manually from the same powershell, no problems with the ‘KEY’ section either.
My case was traced to SFTP - that didn’t work but SSH did.
The reason was that in /etc/ssh/sshd_config it was specified /usr/lib/openssh/sftp-server -L verbose but that run on the command line gives a ‘usage’ response, ie. there’s no parameter -L (it is -l according to usage) I dropped the parameter altogether so that it read only /usr/lib/openssh/sftp-server restarted sshd, and that solved the issue.
Maybe the parameters have changed at some point and -L has been dropped from the current version of sftp-server while the config file has not been updated..?
