How to add own ssh key for root user

G

gamerh

Member
Jun 11, 2020
35
2
13
25
Hi,

I would like to know how i add mine own ssh key for the user root so i can make a ssh connection true root whit mine private key.

Kind Regards,
Gamerh
 
Like with every debian. Create a new file "/root/.ssh/authorized_keys" as root, paste your public key, make it only accessible by the owner and restart sshd.
 
Dunuin said:
Like with every debian. Create a new file "/root/.ssh/authorized_keys" as root, paste your public key, make it only accessible by the owner and restart sshd.
Click to expand...
Hi,

I did that but the server keeps refusing the key.

Kind Regards,
Gamerh
 
In addition to what @Dunuin said - also check the permissions/ownership of .ssh/authorized_keys (600, 400 should work)
 
Stoiko Ivanov said:
In addition to what @Dunuin said - also check the permissions/ownership of .ssh/authorized_keys (600, 400 should work)
Click to expand...
Dunuin said:
Did you verify that the key is only using 1 line and that there is no "PermitRootLogin no" in sshd conf?
Click to expand...
This is how i did it:

1: logged in as root true the web gui
2: mkdir -p ~/.ssh
3: echo public_key_string >> ~/.ssh/authorized_keys
4: chmod -R go= ~/.ssh

I have also cheked "/etc/ssh/sshd_config" and permit root login is yes

Kind Regards,
Gamerh
 
There are two ways to login as root. Using PAM and PVE authentification. Did you login as root using PAM?
Also you should try to login using a SSH client and not using the WebGUI. If that works with a password you atleast know that it is not a network/firewall problem.
 
Dunuin said:
There are two ways to login as root. Using PAM and PVE authentification. Did you login as root using PAM?
Also you should try to login using a SSH client and not using the WebGUI. If that works with a password you atleast know that it is not a network/firewall problem.
Click to expand...
Hi,

I log in as PAM.

I am not able to start a ssh session true an ssh client but i am sure the firewall port is open seems the error Putty gives is that the server refused the key.

Kind Regards,
Gamerh
 
Thats why I said try it with putty with password authentification first. If thats isn't working too, then you know that the key isn't the problem.
 
Dunuin said:
Thats why I said try it with putty with password authentification first. If thats isn't working too, then you know that the key isn't the problem.
Click to expand...
Hi,

Password authentication true putty works for root

Kind Regards,
Gamerh
 
How did you create the key pair? Are you sure it is valid and got no line breaks?
Something like this?
Code: 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7qmegDxzv1omqG2cWM+i+qaEGzCoSBwqCeXyGUU93sTqtNYYHJVGj6YZqXeXEGzJtKm2A/uo59Y+WmqhJW7HcT2Hqvo80NfbIRhqE9TJETyBeGiiC8qpiYgPC2zigCNvTsRXh0CH5FJ1qy4QEBjztQDWOqSrsoOSJEEWCJiKJizTiXDmlGdiKE409GBo8lvlbMRWbrMj3iX825WTqy/T0Pio1kqANDotLnPA0sRXPVyzc/ghzqRHzFetzP9j7C0nhEvjiJphiuYvhbgix79FrCQG0lXBGcAWzsWUeAoT/d3kQu79+UTWxm+z4pnJ7gkKVMejqrWys560SdAqD264dc5UBRGI9j6XxVKdraSaEitDneONrSAt2tE/Rwxh2ASxqQfdF88zyDI8/ma608tHcFROaNsn5hF+/wzjRK9akdhp5WjA5HXhg2OlkwKvSMhGlSgotRj5pr4Ebxjegysy1mEWRFN/vh/oNq4uHQy8adpfogaVELkI/Z2nuAdQk+uMy6D1hrKhUWubmBPxTbG00IWF25Tyuz8hnFRP9+gB/PNRlF59/EHy27a72nirvuOyfxKnx/Mn+FD9Ah59OSLhWuo3sN9Im8yc2cliecwMz+DmTtE7TwzNw9v2zfxU9JDQwyLtppULiGpmKFOLHjz+SVGxSbVsWS//INK1GrQ== gschoenb@gschoenb-X220

It should start with "ssh-rsa AAAAB3Nza" and end with "== someOptionalStuff" all in one line without any spaces except for the one after "ssh-rsa".
 
Last edited:
Dunuin said:
How did you create the key pair? Are you sure it is valid and got no line breaks?
Something like this?
Code: 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7qmegDxzv1omqG2cWM+i+qaEGzCoSBwqCeXyGUU93sTqtNYYHJVGj6YZqXeXEGzJtKm2A/uo59Y+WmqhJW7HcT2Hqvo80NfbIRhqE9TJETyBeGiiC8qpiYgPC2zigCNvTsRXh0CH5FJ1qy4QEBjztQDWOqSrsoOSJEEWCJiKJizTiXDmlGdiKE409GBo8lvlbMRWbrMj3iX825WTqy/T0Pio1kqANDotLnPA0sRXPVyzc/ghzqRHzFetzP9j7C0nhEvjiJphiuYvhbgix79FrCQG0lXBGcAWzsWUeAoT/d3kQu79+UTWxm+z4pnJ7gkKVMejqrWys560SdAqD264dc5UBRGI9j6XxVKdraSaEitDneONrSAt2tE/Rwxh2ASxqQfdF88zyDI8/ma608tHcFROaNsn5hF+/wzjRK9akdhp5WjA5HXhg2OlkwKvSMhGlSgotRj5pr4Ebxjegysy1mEWRFN/vh/oNq4uHQy8adpfogaVELkI/Z2nuAdQk+uMy6D1hrKhUWubmBPxTbG00IWF25Tyuz8hnFRP9+gB/PNRlF59/EHy27a72nirvuOyfxKnx/Mn+FD9Ah59OSLhWuo3sN9Im8yc2cliecwMz+DmTtE7TwzNw9v2zfxU9JDQwyLtppULiGpmKFOLHjz+SVGxSbVsWS//INK1GrQ== gschoenb@gschoenb-X220

It should start with "ssh-rsa AAAAB3Nza" and end with "== someOptionalStuff" all in one line without any spaces except for the one after "ssh-rsa".
Click to expand...
Hi,

Yes it's like that.


Kind Regards,
Gamerh
 
Last edited:
Menu > Configuration > Certificates > Certificates

Select "proxy.pem" and "Delete Custom Certificate" (it is re-gen automatic)

In my case it is works well.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom