Paul042020
Contributor
- Joined
- May 4, 2020
- Messages
- 119
Hello everyone
I have a problem with my user with whom I connect to administer my NAS in ssh.
To connect via ssh, I created a specific user "Toto" for whom I checked the "permit sudo" box and who does not own any dataset and is not part of any group.
Until now, I was using a password and never had any problem, but sometimes I had to switch to the super-user with a "sudo su" for tasks that don't pass with "sudo Toto".
Recently, I wanted to increase security by using an ssh connection with a private/public key.
I created the key pair on the truenas web interface, and copied the public key into the field provided on the "Toto" user profile.
At the moment, when I saved the changes to Toto's profile, I was logged out of the web interface. I could not log in again. However, I could connect via ssh with my user "Toto" and his password.
To regain access to the web interface, I had to restart the server.
I went back to the profile of the user "Toto", the public key had not been saved.
I tried again and it caused exactly the same problem.
After restarting the server, I went back to the profile of the user "Toto", I tried my luck by assigning him a dataset. Bingo, the public key was correctly registered and I was not disconnected from the web interface.
I tried an ssh connection, which seemed to work fine, however, strangely, I had to enter the password of the user "Toto" at the time of the connection.
My questions:
1] Why does ssh login via private/public key require assigning a dataset to the user?
2] Why does it cause a disconnection from the web interface, when I am logged in with root on the web interface.
3] Why does the ssh connection still ask me for the ssh password if the private/public key system is set? Am I missing something? Is the private/public key connection really functional?
Regards
I have a problem with my user with whom I connect to administer my NAS in ssh.
To connect via ssh, I created a specific user "Toto" for whom I checked the "permit sudo" box and who does not own any dataset and is not part of any group.
Until now, I was using a password and never had any problem, but sometimes I had to switch to the super-user with a "sudo su" for tasks that don't pass with "sudo Toto".
Recently, I wanted to increase security by using an ssh connection with a private/public key.
I created the key pair on the truenas web interface, and copied the public key into the field provided on the "Toto" user profile.
At the moment, when I saved the changes to Toto's profile, I was logged out of the web interface. I could not log in again. However, I could connect via ssh with my user "Toto" and his password.
To regain access to the web interface, I had to restart the server.
I went back to the profile of the user "Toto", the public key had not been saved.
I tried again and it caused exactly the same problem.
After restarting the server, I went back to the profile of the user "Toto", I tried my luck by assigning him a dataset. Bingo, the public key was correctly registered and I was not disconnected from the web interface.
I tried an ssh connection, which seemed to work fine, however, strangely, I had to enter the password of the user "Toto" at the time of the connection.
My questions:
1] Why does ssh login via private/public key require assigning a dataset to the user?
2] Why does it cause a disconnection from the web interface, when I am logged in with root on the web interface.
3] Why does the ssh connection still ask me for the ssh password if the private/public key system is set? Am I missing something? Is the private/public key connection really functional?
Regards