Hi All,
the first of all, thanks to Proxmox developers for very good Virtualization products.
May be I'm wrong, but seems that there are some mistakes at:
https://pve.proxmox.com/wiki/Storage:_ZFS_over_iSCSI
that's true for old ssh from Solaris based OS, for openssh:
next:
From example above, 192.168.1.1 is ip-address of portal - it's a address of iscsi target.
So, the command:
will generate ssh authentication keys for proxmox nodes at /etc/pve/priv/zfs.
That's right.
But what's the next command?
For public key auth, we must copy rsa public key on to iscsi-target, but at wiki we see that coping
rsa private key!
It's something new for me for many years to use ssh/openssh.
Seems, it must be:
Could you comment this and fix if it right?
Best regards,
--
lavr
the first of all, thanks to Proxmox developers for very good Virtualization products.
May be I'm wrong, but seems that there are some mistakes at:
https://pve.proxmox.com/wiki/Storage:_ZFS_over_iSCSI
Platform notes
LookupClientHostnames no
- On all zfs storages nodes the following should be added to /etc/ssh/sshd_config:
VerifyReverseMapping no
GSSAPIAuthentication no
that's true for old ssh from Solaris based OS, for openssh:
Code:
UseDNS no
GSSAPIAuthentication no
next:
mkdir /etc/pve/priv/zfs
- For all storage platforms the distribution of root's ssh key is maintained through Proxmox's cluster wide file system which means you have to create this folder: /etc/pve/priv/zfs. In this folder you place the ssh key to use for each ZFS storage and the name of the key follows this naming scheme: <portal>_id_rsa. Portal is entered in the gui wizard's field portal so if a ZFS storage is referenced via the IP 192.168.1.1 then this IP is entered in the field portal and therefore the key will have this name: 192.168.1.1_id_rsa. Creating the key is simple. As root do the following:
ssh-keygen -f /etc/pve/priv/zfs/192.168.1.1_id_rsa
ssh-copy-id -i /etc/pve/priv/zfs/192.168.1.1_id_rsa root@192.168.1.1
From example above, 192.168.1.1 is ip-address of portal - it's a address of iscsi target.
So, the command:
Code:
# ssh-keygen -f /etc/pve/priv/zfs/192.168.1.1_id_rsa
will generate ssh authentication keys for proxmox nodes at /etc/pve/priv/zfs.
That's right.
But what's the next command?
Code:
# ssh-copy-id -i /etc/pve/priv/zfs/192.168.1.1_id_rsa root@192.168.1.1
For public key auth, we must copy rsa public key on to iscsi-target, but at wiki we see that coping
rsa private key!
It's something new for me for many years to use ssh/openssh.
Seems, it must be:
Code:
# ssh-copy-id -i /etc/pve/priv/zfs/192.168.1.1_id_rsa.pub root@192.168.1.1
Could you comment this and fix if it right?
Best regards,
--
lavr