hello,
When I want tocreate a SSH key I get the following error:
Failed to save SSH key : open /tmp/.webmin/12557_1_save_key.cgi failed: Permission denied. Generating public/private rsa key pair. Saving the key failed: /tmp/.webmin/12557_1_save_key.cgi.
Status:
Active
Comments
Submitted by andreychek on Fri, 05/28/2010 - 09:10 Comment #1
Howdy -- just so that we can try and reproduce it, what process are you using to generate the SSH key? And are you running that as root, or as another user?
This is in cloudmin -> cloudmin settings -> ssh keys.
Add anew ssh key
I try to create a ssh key there. Publickey generated by cloudmin.
Submitted by JamieCameron on Fri, 05/28/2010 - 11:29 Comment #3
That's a surprising error, as Cloudmin generates the key using the ssh-keygen command which is run as root, and so shouldn't have any permissions problems.
What permissions do you have on the /tmp/.webmin directory?
Does deleting that directory help? (it will be re-created automatically)
the directory is manual set to 777. Whe I delete it i will be recreated but I get the same error again. The premissions an't the samen a the tmp folder (777).
Submitted by JamieCameron on Fri, 05/28/2010 - 13:14 Comment #5
Are you perhaps running a custom version of openssh, or are you just using the package that comes with CentOS ?
|I use the original package from centos.
Submitted by JamieCameron on Mon, 05/31/2010 - 14:07 Comment #7
So you perhaps have any special mount options on /tmp , like noexec ?
On a test CentOS 5 system, SSH key generation in Cloudmin works fine for me.
I've no specialmounts on tmp.
Maybe it's a good ideas when you login. The you can invest for yourself.
Submitted by JamieCameron on Tue, 06/01/2010 - 13:15 Comment #9
Sure, I would be glad to login and take a look .. you can send me login details at jcameron@virtualmin.com , or use our remote support access feature.
Submitted by JamieCameron on Tue, 06/01/2010 - 16:35 Comment #10
I just created a key OK with the "Generated by Cloudmin" option.
What are you selecting on the creation form exactly? And are you using the "Add a new SSH key" link?
I reinstalled cloudmin (due a rootkit) and I get the same problem. On a freshly installed system I can't create a ssh key.
When I copy a manualy created key in the form. I say that it isn't a ssh key....
I've created a key manualy and imported this in Cloudmin. This was working. Via cloudmin will raisen the permission error.
Submitted by JamieCameron on Sun, 08/01/2010 - 18:44 Comment #14
So you mean the manually created and imported key cannot SSH to other systems, due to a permissions error?
No, I cant creata a ssh key automaticaly.
The work-a-round was to create itmanualy and import it in the form.
Everythng isworking now but I had to configure it manualy.
Submitted by ctwelve on Thu, 10/07/2010 - 14:49 Comment #16
I am running into an identical error. On a completely fresh install, I cannot use Cloudmin to generate an SSH key, and it fails with the same error. Have to do it manually.
Submitted by ctwelve on Thu, 10/07/2010 - 14:51 Comment #17
...and setting permissions of 777 on /tmp/.webmin doesn't help.
Submitted by JamieCameron on Thu, 10/07/2010 - 15:14 Comment #18
Anyone who is seeing this - do you have SElinux turned on?
Submitted by Kevn on Mon, 08/01/2016 - 11:09 Comment #19
Yes, the issue seems to be related to SELinux being in "enforcing" mode. When switched temporarily to "permissive" mode, I am able to successfully generate a new key with:
Cloudmin Settings > SSH Keys > Add a new SSH key with "Generated by Cloudmin" selected and "Source for public key" blank. Doesn't matter the setting for "Add to root's authorized keys on new systems?".
When SELinux is in "enforcing" mode, I get this error when doing the same:
Failed to save SSH key : open /tmp/.webmin/416217_18466_1_save_key.cgi failed: Permission denied. Generating public/private rsa key pair. Saving the key failed: /tmp/.webmin/416217_18466_1_save_key.cgi.
With SELinux in "permissive" mode, I mounted /tmp with and without "noexec", and it did not make a difference; I was able to successfully create a key, as above, with and without "noexec".
System info: CentOS Linux 7.2.1511 Webmin 1.801 Virtualmin 5.03 Cloudmin 9.0.kvm Pro
Kevn
Submitted by JamieCameron on Tue, 08/02/2016 - 01:14 Comment #20
Ok, that explains it - I'd recommend turning SElinux off permanently.