Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Passwordless SSH login

Featured Replies

simply add a public key in authorized_keys file on your flash drive. It will be persistent.
image.png.62481b57734d6c413a7ff154b4d0bfab.png

Edited by bthoven

  • Replies 143
  • Views 81k
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • 1) If necessary, generate an SSH key on your Mac or Linux machines, using ssh-keygen.   2) Create an authorized_keys file for the unRAID server, using the id_rsa.pub files on all the machines which

  • 1. On Linux or Mac, use ssh-keygen to generate a key pair, there'll be 2 files generated, a private key file (e.g. id_rsa) and a public key file (e.g. id_rsa.pub);   2. On your unRAID server, enter

  • A slightly better way to maintain the keys across reboots is to * copy the authorized_keys file to /boot/config/ssh/root.pubkeys * copy /etc/ssh/sshd_config to /boot/config/ssh * modify

Posted Images

Keep it private. I know, it's f&6king ironic.

 

MrGrey.

  • 1 month later...

few questions:

I know how to do this on a general *nix OS, but unsure if it's different with unraid..

 

how do I get ssh to start on boot?  for example, I just updated unraid to the latest version, which required a reboot.  after the reboot, I wasn't able to ssh in from putty because there wasn't an instance of sshd running.  I noticed that after changing the ssh port and trying to restart ssh:

root@NAS:/boot/config/ssh# /etc/rc.d/rc.sshd restart
WARNING: There does not appear to be a parent instance of sshd running.
         If you really want to kill all running instances of sshd (including
         any sessions currently in use), run '/etc/rc.d/rc.sshd stop' instead.

 

Earlier in this thread, there was mention of copying the /etc/ssh/sshd_config file to /boot/config/ssh - which file do we need to modify so the settings stay persistent, the sshd_config in /etc/ssh or /boot/config/ssh?

 

it seems when I reboot my unraid box, the port setting in sshd_config in /etc/ssh always gets reset back to the default port of 22.

 

 

thanks!

I think I answered the 2nd half of my question just by doing some trial and error.  once I modified the sshd_config file in /boot/config/ssh, it seemed to copy that over to /etc/ssh after a reboot so the changes were persistent, at least as far as I can tell.

  • 1 month later...

 To set up passwordless ssh access to unraid from a Linux or Mac OS X machine by using PuTTY.  Generate SSH key on your Linux or Mac OS by using PuTTYgen. Open the PuTTY configuration windows and connect to unraid server. To check the process of this go to  https://puttykeyinfo.com/ 

  • 3 weeks later...

Hello,
I have done this million of times on many different systems but still failing brutally. What I have done:

  • Created id_rsa.pub
  • Copied id_rsa.pub into authorized_keys over my unraid server
  • chmod 700 /root/.ssh
  • chmod 600 /root/.ssh/authorized_keys
  • Edited /etc/ssh/sshd_config to accept keys
  • restart ssh

It still ask the password or if I try to connect using the key gives me Permission denied (publickey,password,keyboard-interactive).

image.png.9d155bc2b7d1e804c5ec90b32519521b.png

 

  • Community Expert

This is what I use, always worked:

 

Generate key:

ssh-keygen

NOTE: when generating the key use a blank password or it will ask for it anytime you use that key.


Copying your Public Key Using SSH:

cat ~/.ssh/id_rsa.pub | ssh root@remote_host "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"

 

I tried again after taking a break and discovered that this piece was incorrect. Now it's working as expected.

AuthorizedKeysFile     .ssh/authorized_keys

 

  • 2 months later...

I know this is an old thread but in case this helps anyone else.  I didn't want to overwrite /etc/ssh/sshd_config in case there are any changes etc.  So I just sed the two settings that turn off passwords and only allow keys.

 

sed -i -e 's/#PasswordAuthentication yes/PasswordAuthentication no/g ; s/#KbdInteractiveAuthentication yes/KbdInteractiveAuthentication no/g' /etc/ssh/sshd_config
/etc/rc.d/rc.sshd restart

  • 4 weeks later...

Greetings! Reading through this thread I think I've confused myself some what.

 

I understand 6.9 changed how the symlinks behave making some older steps unneeded.

 

Trying to figure out what are the correct steps to take now if I am trying to use passwordless SSH between two unraid servers.

If anyone could provide a suggested post to follow or provide steps that would be super as I'm hesitant to mess an original config up or something similar. Thanks! 

Awesome thanks very much!

Gave that a shot and ran into a slight error/error message but found which included running 

ssh-keyscan -H TARGET_HOST >> ~/.ssh/known_hosts

So ran that with the TARGET_HOST set to my remote_host from the command you had above and everything seems to be working now. I see the key listed under my root user if I navigate to the Users section in the GUI.

I think that does it then?

 

Thanks again.

 

  • 1 month later...

This is an old thread, but I wanted to leave this here hoping that it helps someone in the future.

 

I had the issue that I couldn't get the ssh key login to work. I'd see the pub key for root user in the Unraid GUI, but after SSH login, it would always ask for a password, whatever I tried. And I tried for many hours many different things.

 

What I learned is that you should update the sshd_config file in /etc/ssh. This one is leading! Not the one in /boot/config/ssh. After the SSH server restarts, it copies the one from /etc/ssh to /boot/config/ssh. So if you update the file in the latter location, your changes get overwritten once the service restarts.

 

So, update the sshd_config file in /etc/ssh to make sure pubkeys are accepted:

  • PubKeysAuthentication yes
  • AuthorizedKeysFile /boot/config/ssh/root/authorized_keys ##this can be any location you want, but /boot/config location makes sure it's persistent during reboots

After this, restart the SSH service, either manually or via the SSH plugin and it should work.

This is on Unraid 6.12.13 BTW.

Thanks for the tips.

I can't remember what I did, but I found all my client public keys are in /root/.ssh/authorized_keys.
Unraid: 6.12.11

  • 4 months later...

After an upgrade to unraid 7.0, my authorized_keys file seems to be gone and I am no longer able to login with my key from any system. Has anyone else seen this? I didn't see anything in the release notes about this happening, but I have upgraded two systems now and it happened on both of them.

 

I guess I will just rebuild it, but this seems strange. Just wondering if anyone else hit this or not.

 

Thanks!

  • Community Expert
3 minutes ago, harshl said:

Just wondering if anyone else hit this or not.

Not to me, and don't remember seeing any other reported cases.

5 minutes ago, JorgeB said:

Not to me, and don't remember seeing any other reported cases.

I'm actually starting to suspect that it had to do with enabling TailScale and further enabling TailScale SSH server? I didn't think they would conflict, but perhaps they do?

 

I suppose I will test a reboot today and see if it blows it away again. It is working fine again now that I have properly recreated /boot/config/ssh/root/authorized_keys on both systems.

 

Still seems strange that it would have deleted that file somehow...

  • 2 months later...

Hello everyone,
Since a couple of time strangely enough my server accept again passwords through password.

I want to start the whole procedure again from scratch (following this post) - what have I to delete to disallow the old keys?

Thanks in advance

36 minutes ago, TDA said:

Hello everyone,
Since a couple of time strangely enough my server accept again passwords through password.

I want to start the whole procedure again from scratch (following this post) - what have I to delete to disallow the old keys?

Thanks in advance

If I'm understanding correctly, you would like to stop accepting key based authentication from the existing keys and then beginning accepting key based authentication again from a set of new keys?

 

If that is the case, just modify your authorized_keys file. Delete the keys that you don't want to be able to authenticate and add the new keys that you do want to be able to authenticate with.

Your authorized_keys file should be found here: /boot/config/ssh/root/authorized_keys

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.