ich suche momentan nach meinem Fehler, warum ich mich in die openHAB Karaf Konsole nicht per PublicKey verbinden kann. Das Schlimme daran ist, dass ich es in meiner alten OH2.5 Installation hinbekommen habe, aber in meiner neuen OH3 Installation nicht . Ich gehe also von einem Konfigurationsfehler irgendwo bei mir aus. Denn grundsätzlich kann ich mich mit neu angelegten Karaf-Benutzer (ohadminpwd) in die Konsole per Passwort verbinden.
Aber der Reihe nach. Erst einmal die Installationsdetails:
- LXC-Container auf Proxmox mit Debian 10
- Installation aus Linux Paketquellen unter jfrog.io
- Zulu Java OpenJDK 11 aus Azul Paketquellen
Code: Alles auswählen
s021:~/.ssh# openhab-cli info
Version: 3.0.2 (Build)
User: openhab (Active Process 28691)
User Groups: openhab tty dialout audio
Directories: Folder Name | Path | User:Group
----------- | ---- | ----------
OPENHAB_HOME | /usr/share/openhab | openhab:openhab
OPENHAB_RUNTIME | /usr/share/openhab/runtime | openhab:openhab
OPENHAB_USERDATA | /var/lib/openhab | openhab:openhab
OPENHAB_CONF | /etc/openhab | openhab:openhab
OPENHAB_LOGDIR | /var/log/openhab | openhab:adm
Code: Alles auswählen
s021:~# java -version
openjdk version "11.0.11" 2021-04-20 LTS
OpenJDK Runtime Environment Zulu11.48+21-CA (build 11.0.11+9-LTS)
OpenJDK 64-Bit Server VM Zulu11.48+21-CA (build 11.0.11+9-LTS, mixed mode)
Code: Alles auswählen
...
# All users, groups, and roles entered in this file are available after Karaf startup
# and modifiable via the JAAS command group. These users reside in a JAAS domain
# with the name "karaf".
#
openhab = {CRYPT}71B3E320EC3244F6AAF24FD48C93656C6AB99714EF6F02A101D993B3F0C942A8{CRYPT},_g_:admingroup
ohadminkey = {CRYPT}1E9E8B6498CD9A94ACC1E9E36978ED922B7C64C2E11E07DEB794A52CDC1FCE47{CRYPT},_g_:admingroup
ohadminpwd = {CRYPT}321C8150A87983E7655557C36CA6D204F5382B72F4151C8289A4E28230839657{CRYPT},_g_:admingroup
_g_\:admingroup = group,admin,manager,viewer,systembundles
s021:~#
Code: Alles auswählen
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDwKpVIUUaf/XlIDOzdzeOaES7pzXIvC49XpBCDKvs8Nl507W79wT5E/5QJxy6b4X5YKuMiJsNKfaJwpxoJIFrhqUQ4GWf2N8/OfD454P2lM9LqIICN30fsBu9kZMZlhM+6rnq+o5ZmtmRh8Cb5ie4pOon6o9mFh0epCnxNvCFUkG9Ry63RUgMpL7+kqKSrtMeN7/z1xi0SWsmUoE7FydnqC50UjdkVsMNtdc+j4xKF7/MVUTGIeZnMmEpn8PnanmI9PP04ZOTVAT7K2llC/GkH0m1WUhTrk07gPjxM0CnXM5bX6Ak+L2h6uqz3RxBH99AU/j1rXTssLpbZJsARs7Cd s021
Code: Alles auswählen
AAAAB3NzaC1yc2EAAAADAQABAAABAQDwKpVIUUaf/XlIDOzdzeOaES7pzXIvC49XpBCDKvs8Nl507W79wT5E/5QJxy6b4X5YKuMiJsNKfaJwpxoJIFrhqUQ4GWf2N8/OfD454P2lM9LqIICN30fsBu9kZMZlhM+6rnq+o5ZmtmRh8Cb5ie4pOon6o9mFh0epCnxNvCFUkG9Ry63RUgMpL7+kqKSrtMeN7/z1xi0SWsmUoE7FydnqC50UjdkVsMNtdc+j4xKF7/MVUTGIeZnMmEpn8PnanmI9PP04ZOTVAT7K2llC/GkH0m1WUhTrk07gPjxM0CnXM5bX6Ak+L2h6uqz3RxBH99AU/j1rXTssLpbZJsARs7Cd
Code: Alles auswählen
s021:~# ssh ohadminkey@localhost -p 8101 -i ~/.ssh/id_rsa -v
OpenSSH_7.9p1 Debian-10+deb10u2, OpenSSL 1.1.1d 10 Sep 2019
debug1: Reading configuration data /root/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to localhost [::1] port 8101.
debug1: connect to address ::1 port 8101: Connection refused
debug1: Connecting to localhost [127.0.0.1] port 8101.
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type 0
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
debug1: Remote protocol version 2.0, remote software version SSHD-CORE-1.7.0
debug1: no match: SSHD-CORE-1.7.0
debug1: Authenticating to localhost:8101 as 'ohadminkey'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:EwecjPmidJ1e21PmJq47XvSGaPQyovywqWgqQOATAKc
debug1: Host '[localhost]:8101' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:2
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: Will attempt key: /root/.ssh/id_rsa RSA SHA256:0kF/RI65nuycyWAeC/u7vBL7dvnSceZmOoKSe+9OH0Y explicit
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: keyboard-interactive,password,publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_rsa RSA SHA256:0kF/RI65nuycyWAeC/u7vBL7dvnSceZmOoKSe+9OH0Y explicit
debug1: Authentications that can continue: keyboard-interactive,password,publickey
debug1: Next authentication method: keyboard-interactive
Password authentication
Password:
Code: Alles auswählen
s021:~# ssh-keygen -l -f ~/.ssh/id_rsa
2048 SHA256:0kF/RI65nuycyWAeC/u7vBL7dvnSceZmOoKSe+9OH0Y s021 (RSA)
Hat jemand von Euch noch eine Idee?
Danke
Ulf