Private Key ssh connection error

  • A new user has been generated and the ssh keys have been created for that user with the ssh-keygen tool.
  • I have created an asset of a Linux Ubuntu machine.
  • When I put the previously created user and import the private key as authentication method I get an error: "Failed while loading private key (3330)"
  • How can I register assets with accounts with ssh keys correctly?


Thank you

Parents
  • HI Alberto,

    Is this to setup the service account connection for the asset?

    If so, there two options:

    1. Automatically Generate the SSH Key (key is generated by Safeguard)

    - With check box option to Manually Deploy the SSH Key

    2. Import and Manually Deploy the SSH Key (key generated outside Safeguard and imported to Safeguard)

    If you used option 2 then you must manually append the public key to the authorized keys file on the managed system for this service account.

    If the issue persists, I see that you have also created a support service request which will be investigated further.

    Thanks!

  • Thank you Ahmad

    But the SSH key generated by Safeguard is a public key and does not work for me because I need the private key, right?

    I have an open case with OneIdentity, right, to see if they can help me. But at the moment I'm not having any luck.

  • If you use Automatically Generate the SSH Key with check box option to Manually Deploy the SSH Key then Safeguard generates the SSH key, keeps the private key then allows you to download the public key which is what you need to install on the target system under the user/.ssh/authorized_keys file.

  • Thank you! You are right. I downloaded the public key and saved it in the authorized_key file and managed to make a successful connection.
    Anyway, when I do a connection test from the active, I still get an error. Then when I request access to that asset through policy, it opens the putty and works.

    I have done it with a user without sudo. What configuration does the service user need to enter in administrative mode using the ssh key?

  • I have another question

    I have several linux machines to add to Safeguard. All machines have the same user. Do I need to generate a key per user or would it be sufficient to generate a single key and install it on the target systems in the user/.ssh/authorized_keys file of each system?

  • When you edit the Asset > under connection tab > there is a field for Privileged Elevation Command: 

    - you can add sudo in that field.

  • Generate SSH key option will create a different SSH key pair for each Asset, if you create the SSH key pair outside of Safeguard then you can use the import SSH key method to use the same key for all assets but either way you would need to deploy the public key to each user's authorized_keys file

Reply
  • Generate SSH key option will create a different SSH key pair for each Asset, if you create the SSH key pair outside of Safeguard then you can use the import SSH key method to use the same key for all assets but either way you would need to deploy the public key to each user's authorized_keys file

Children