How to verify that i managed to add a SSH Key to a user on Gerrit
1,567 views
Skip to first unread message
Doron Shai
Jun 11, 2015, 4:38:08 AM6/11/15
to repo-d...@googlegroups.com
I created a new account on gerrit, called alu_watcher with this command
ssh -p 29418 dshai@gerrit-server gerrit create-account alu_watcher
then on from another Linux server, I wanted to be able to connect to gerrit with this new bot user and therefore I created SSH key pair on this new server and using the following command, tried to add the public key to this user
ssh -p 29418 dshai@gerrit-server gerrit set-account alu_watcher --add-ssh-key ssh-rsa AAAAB3NzaC1yc2EAAAABIwARAQEAxMzHJaHQrR/vtPArOPVfeAo4dHfxKiGBX7Kuz9bBcVid0Io8uHv5ZDz9VR4Ajk+DMva39Rfxn3Zfdz94WgC20vVlJ+XV+zs4v8FfkOFXEDJGw8Ma21coxMxHb2WAWbCauFUz9mAHlidDM0FWUJntd8HnnQ0te/s9dsqLyK1vqqfVWbVubYiWv35fSFlaJjaiK+CToq4WwdcT6/Fqg2w3M4M3QMH+7BOMV1/w+WFqkux/i+Uho5YtqSWROFE2vGNQzU4TM/+Hu+My0WXSxLVzwZZCW/ZxaJgJ1zD/jR28Q8PKvvLqEv607Qz+Oq6wJSKQTv3+yBBB/N4aR4vadN0elQ== alu_w...@test.com
and since I have some problems to connect with this new user - I want to somehow verify that this ssh key pair indeed was added to the user.
The Question: is there any way to do this verification?
Alex Blewitt
Jun 11, 2015, 4:41:11 AM6/11/15
to Doron Shai, repo-d...@googlegroups.com
Run your ssh client with verbose flag to see if it's offering the key or not. Most likely you have created the private key with the wrong permissions (should be 400) or the .ssh directory (should be 700).
Alex
Sent from my iPhat 6
Sent from my iPhat 6
--
--
To unsubscribe, email repo-discuss...@googlegroups.com
More info at http://groups.google.com/group/repo-discuss?hl=en
---
You received this message because you are subscribed to the Google Groups "Repo and Gerrit Discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to repo-discuss...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Doron Shai
Jun 11, 2015, 7:02:25 AM6/11/15
to repo-d...@googlegroups.com, doro...@gmail.com
Hi,
i did as you suggested:
[zuul@jenkins-slave-setup .ssh]$ ll -a
total 24
drwx------ 2 zuul zuul 4096 Jun 11 11:13 .
drwx------ 6 zuul zuul 4096 Jun 11 11:40 ..
-rw------- 1 zuul zuul 143 Jun 11 11:13 config
-r-------- 1 zuul zuul 1675 Jun 11 10:14 id_rsa
-rw------- 1 zuul zuul 412 Jun 11 10:14 id_rsa.pub
-rw------- 1 zuul zuul 431 Jun 11 10:13 known_hosts
and then executed this command: ssh -v -p 29418 alu_watcher@jenkins-slave-setup
and the log is
OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
debug1: Reading configuration data /home/zuul/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to jenkins-slave-setup [::1] port 29418.
debug1: Connection established.
debug1: identity file /home/zuul/.ssh/identity type -1
debug1: identity file /home/zuul/.ssh/id_rsa type 1
debug1: identity file /home/zuul/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version GerritCodeReview_2.10.4 (SSHD-CORE-0.14.0)
debug1: no match: GerritCodeReview_2.10.4 (SSHD-CORE-0.14.0)
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Host '[jenkins-slave-setup]:29418' is known and matches the RSA host key.
debug1: Found key in /home/zuul/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/zuul/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/zuul/.ssh/identity
debug1: Trying private key: /home/zuul/.ssh/id_dsa
debug1: No more authentication methods to try.
Permission denied (publickey).
Doron Shai
Jun 11, 2015, 7:02:24 AM6/11/15
to repo-d...@googlegroups.com
Issue solved.
cat id_sample.pub | ssh -p 29418 Admi...@gerrit.server.fqdn gerrit create-account --ssh-key - gerrit_new_user
in order to create an account with ssh key you need to create key pair (id_sample and id_sample.pub) and then execute somthing like this
cat id_sample.pub | ssh -p 29418 Admi...@gerrit.server.fqdn gerrit create-account --ssh-key - gerrit_new_user
Where
- AdminUser - already existing user which is admin on Gerrit
- gerrit.server.fqdn - the fully qualified domain of the gerrit server
- gerrit_new_user - the name for the new user that you want to create
Reply all
Reply to author
Forward
0 new messages