Creating SSH connection issues

[Tom Boltwood]

I've been having some issues trying to create an SSH connection. For whatever reason, it wouldn't accept the user password even though it was correct, so I'm using root. Now when I try and create the connection, it comes up with the error "Object with this name already exists". I'm guessing there's something left over from the previous creation. However, I can't delete it as it's not listed anywhere to delete.

 

[Tom Boltwood]

I've now created connections with a key, but when I try and create a replication task, I get "[EACCES] AuthenticationException('Authentication failed.')"

 

[abbott]

for those that have a similar issue in the future...

Your remote machine is already listed in /root/.ssh/authorized_keys, just open the file using nano and remove the key referencing that machine name.

 

[YourNaggingWife]

Wanted to add another cause of this error is ssh algorithm differences between 12 and 13. Doing this on the 13 box fixed it for me:

By default, TrueNAS 12 cannot initiate a replication to or from TrueNAS 13 due to an outdated SSH client library. Allowing replication to or from TrueNAS 13 to TrueNAS 12 requires allowing ssh.rsa algorithms. See OpenSSH 8.2 Release for security considerations. Log into the TrueNAS 13 system and go to Services->SSH. Add the SSH Auxiliary Parameter: PubkeyAcceptedAlgorithms +ssh-rsa.

 

[dxun]

Aside from having to put the public key from client system to the remote system user that the replication is authenticated against, I have found config restore operation might somehow screw up the permissions and owners of ~/.ssh directory (on TrueNAS 13-U3 at least). This led to a very annoying troubleshooting session that was ultimately solved by:
- making sure ~/.ssh has permissions 700
- setting ~/.ssh/authorized_keys with permissions 600
- setting the ~/.ssh owner to root recursively (which is, in my case, the user that runs the replication task)