Uploaded image for project: 'Product Technical Learning'
  1. Product Technical Learning
  2. PTL-14069

Unable to run ssh-copy-id

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • RH199 - RHEL9.3-en-1-20240723
    • RH199
    • None
    • False
    • Hide

      None

      Show
      None
    • False
    • 17
    • en-US (English)

      Please fill in the following information:

      URL: https://rol.redhat.com/rol/app/classes/941518c9-b5e9-4471-a5f7-983828e6c47e
      Reporter RHNID: rvolpe
      Section Title: Comprehensive Review: Configure and Manage Server Security lab                                                                    

      Issue description

      In the Comprehensive Review: Configure and Manage Server Security lab, step 2.1 fails when running "ssh-copy-id student@servera".

      Steps to reproduce:

      [student@workstation ~]$ lab start rhcsa-compreview3

      1.

      Starting lab.

       · Checking lab systems ............................................................................................ SUCCESS
       · Installing sshpass on servera ................................................................................... SUCCESS
       · Installing sshpass on serverb ................................................................................... SUCCESS
       · Ensuring clean authorized_keys file on servera .................................................................. SUCCESS
       · Ensuring clean SSH keypair on serverb ........................................................................... SUCCESS
       · Backing up SELinux configuration on servera ..................................................................... SUCCESS
       · Ensuring clean SELinux Boolean setting on serverb ............................................................... SUCCESS
       · Creating the production5 user on servera ........................................................................ SUCCESS
       · Creating the production5 user on serverb ........................................................................ SUCCESS
       · Exporting /user-homes/production5 from servera .................................................................. SUCCESS
       · Ensuring clean firewall settings on serverb ..................................................................... SUCCESS
       · Configuring Apache HTTPD on serverb ............................................................................. SUCCESS
       · Ensuring no SELinux context for 30080/tcp on serverb ............................................................ SUCCESS

      [student@workstation ~]$ ssh student@serverb
      Activate the web console with: systemctl enable --now cockpit.socket

      Register this system with Red Hat Insights: insights-client --register
      Create an account or view all your systems at https://red.ht/insights-dashboard
      Last login: Mon Jul  1 09:10:28 2024
      [student@serverb ~]$ ssh-keygen
      Generating public/private rsa key pair.
      Enter file in which to save the key (/home/student/.ssh/id_rsa):
      Created directory '/home/student/.ssh'.
      Enter passphrase (empty for no passphrase):
      Enter same passphrase again:
      Your identification has been saved in /home/student/.ssh/id_rsa
      Your public key has been saved in /home/student/.ssh/id_rsa.pub
      The key fingerprint is:
      SHA256:6FplTSqK9jOMPs9ScDm4aeJyCzvFEF791YGGu2mQpAs student@serverb.lab.example.com
      The key's randomart image is:
      --[RSA 3072]---
      |    .   . o..    |
      |.  . o . + .     |
      |....o.o + .      |
      |.Eo.+o + +       |
      | o.=..+ S .      |
      |. *o.o B         |
      |o+o+. +          |
      |o==o+o           |
      |o+o==o           |
      ---[SHA256]----
      [student@serverb ~]$ ssh-copy-id student@servera
      /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/student/.ssh/id_rsa.pub"
      The authenticity of host 'servera (172.25.250.10)' can't be established.
      ED25519 key fingerprint is SHA256:eR1mARtxPj4wq/zHRxALgu6SJfvb7UN5nfSMhMl4+Hc.
      This key is not known by any other names
      Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
      /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
      /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys
      student@servera: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
      [student@serverb ~]$ ssh-copy-id student@servera
      /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/student/.ssh/id_rsa.pub"
      /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
      /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys
      student@servera: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
      [student@serverb ~]$

      Workaround:

       

      Expected result:

      Number of key(s) added: 1
      Now try logging in to the machine, with: "ssh 'student@servera'"
      and check to make sure that only the key(s) you wanted were added.

              alingaya@redhat.com Ashish Lingayat
              rvolpe Robert Volpe
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: