SSH pub key auth not working…

jlepthien · Dec 27, 2009, 6:20 PM

When I disable the password login my public keys do not get recognised. If I leave password login on, then I can use my key to login. Is this a known issue?

jimp · Dec 27, 2009, 9:31 PM

Check for an existing ticket at http://redmine.pfsense.org if there isn't one, open one up. It's probably a bug.

cmb · Dec 28, 2009, 5:16 AM

I just fixed this.

jlepthien · Dec 28, 2009, 7:28 PM

Okay. When will such a fix be commited? Still the same problem with the build from 28th…

cmb · Dec 29, 2009, 1:00 AM

It should be in 20091228-1257 snapshot or newer.

jlepthien · Dec 29, 2009, 6:08 AM

Ah. Okay. But this build is not available for embedded nanobsd…

jlepthien · Dec 29, 2009, 11:01 AM

Well today there is a new snap for the full version. Why isn't there the new version for the nanobsd as well? Does it always take longer for nanobsd snaps to get available?

jimp · Dec 29, 2009, 12:43 PM

For every builder run, only one NanoBSD size is built. So depending on the size you need, it could take up to four builder runs for the proper size to be built.

jlepthien · Dec 29, 2009, 1:05 PM

Good to know ;)

Waiting for the 4g version. Today a 2g was released, so I guess tomorrow will be my time ;)

jlepthien · Dec 31, 2009, 1:31 PM

Still there….

With snap of 31st....

How long does this usually take?

Also the dashboard patch isn't in this release...

cmb · Dec 31, 2009, 7:48 PM

You'll need to edit and save admin to rewrite the authorized keys, what I fixed was removing some old code from 1.2.x that was deleting the keys where it shouldn't have been.

jlepthien · Dec 31, 2009, 8:43 PM

Thanks cmb! That did the trick ;) Happy New Year's Eve, now shutdown your computer ;-)

Cheers from Germany!

jlepthien · Jan 6, 2010, 1:03 PM

Hi cmb. I just updated to the latest snap and I had to edit and save admin again. After that it works. So another bug?

jlepthien · Jan 8, 2010, 12:16 PM

With every snap I need to do this again. Can someone please fix this?

jimp · Jan 8, 2010, 2:52 PM

Every firmware update it switches to a new partition, which will then not have your keys present. It probably needs a boot-time function to sync the keys.

jlepthien · Jan 8, 2010, 4:27 PM

Well I thought that all the config including such an important file would be taken over. This is a serious issue when you do a remote upgrade ;-)

jimp · Jan 8, 2010, 4:53 PM

I had thought the existing ssh keys were backed up and carried over, but that may not be the case. I haven't tried to do key-based auth on my ALIX running 2.0 yet.

jlepthien · Jan 8, 2010, 5:00 PM

On 1.2.3 they were…

jimp · Jan 8, 2010, 5:19 PM

I see what I was thinking of. The ssh host keys are backed up and restored on reboot/upgrade, but it may be missing some logic to handle the user keys.

jlepthien · Jan 19, 2010, 12:22 PM

Problem is still there with todays build :-(
Is this still an open ticket? This thing is huge! Think about remote updates….

Should be easy to fix?!