Copy/pasting keys is a somewhat error-prone (especially from a Windows system which screws up linefeeds and whitespace by design; so far, I simply can't make public key authentication work from the key provided by Cloudmin when copy/pasting it...I'm beginning to think Cloudmin is giving me the wrong public key, but I'm not sure how that would come about); also not everyone knows how to setup authorized_keys. It'd be cool if there were a checkbox or something in the Authentication section of the Edit System page to copy the default public key to a system before switching to key-based authentication, assuming there is currently a working password-based connection, and maybe even testing it to be sure key-based auth is permitted and working after the change.
Also, where is the public key stored? I don't see it in /etc/webmin/server-manager/keys/. Since I keep being frustrated by trying to copy/paste the darned thing and can't get it to work, I was going to scp it, but I can't find it! ;-)
Comments
Oh, maybe the reason key-based auth isn't working is because of unexpected errors from the server, which Cloudmin isn't expecting and isn't handling correctly? I dunno. Here's the error:
reverse mapping checking getaddrinfo for cust-108-60-xxx-xxx.corexchange.com [108.60.xxx.xxx] failed - POSSIBLE BREAK-IN ATTEMPT! Permission denied, please try again.
Submitted by JamieCameron on Sat, 06/18/2011 - 20:56 Comment #2
There is a way to switch to key-based authentication that works like this already - just go to System Operations -> Change Password, and select "Use SSH key" . The settings on the "Edit System" page just change how Cloudmin tries to login to the managed system - for example, if the password has been changed via the
passwdcommand.Also, the keys are in the directory
/etc/webmin/server-manager/keys, in.keyfiles. Unless when creating a key you selected a file that already exists, in which case it will still be in its old location.That's confusing, at best. "Change Password", to me, means I want to change my password...But, since I don't want to change my password, but instead want Cloudmin to use the public key, I go to where there's an option to select using a key.
I don't see how anyone can discover this feature without reading about it, whereas I think having it Just Happen(tm) when they change the authentication method seems reasonably discoverable.
Submitted by JamieCameron on Wed, 06/22/2011 - 00:48 Comment #4
You're right, the current UI is rather confusing .. I have added an entry to my TODO list to improve it. Will update this bug when it is done..
Submitted by JamieCameron on Sun, 01/22/2012 - 17:38 Comment #5
The next Cloudmin release (6.1) will have a consolidated password change for that makes this much simpler ..
Submitted by Issues on Sun, 02/05/2012 - 17:45 Comment #6
Automatically closed -- issue fixed for 2 weeks with no activity.