Trung Tran:
Hello, I got an issue with this lab.
https://kodekloud.com/topic/lab-ssh-hardening-and-sudo/
I followed the solutions to create jim user on node01 then use command to copy public key but it said permission denied.
ssh-copy-id -i ~/.ssh/id_rsa.pub jim@node01
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_rsa.pub”
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys
jim@node01’s password:
Permission denied, please try again.
I double checked the jim’s pass and it surely correct.
Can someone help?
Al West:
The -i
option is used to specify the private key, and anyway in this scenario the corresponding public key is not yet on the destination host. Can you work it out from here?
Trung Tran:
I will try again, thanks @Al West.
Al West:
ah actually I might be wrong, I was thinking of the standard ssh -i
command
Al West:
You have the right command - are you running it on controlplane
?
Trung Tran:
yes sure, I created jim user on node01 with pass 123456, then exit back to controlplane, and run the command (I copied it from solutions so it supposed to be correct), but it keep saying permission denied.
I tried add sudo before the command as well. But it doesn’t work.
Al West:
This is what I did:
root@controlplane ~ ✖ ssh node01
root@node01 ~ ➜ adduser jim
Adding user `jim' ...
Adding new group `jim' (1001) ...
Adding new user `jim' (1001) with group `jim' ...
Creating home directory `/home/jim' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
No password supplied
Enter new UNIX password:
Retype new UNIX password:
No password supplied
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for jim
Enter the new value, or press ENTER for the default
Full Name []: Jim
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] Y
root@node01 ~ ➜ logout
Connection to node01 closed.
root@controlplane ~ ➜ ls
root@controlplane ~ ➜ ssh-copy-id -i ~/.ssh/id_rsa.pub jim@node01
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
jim@node01's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'jim@node01'"
and check to make sure that only the key(s) you wanted were added.
root@controlplane ~ ➜ ssh jim@node01
jim@node01 ~ ➜
Al West:
double check the username and host
Al West:
running sudo
allows a normal user to run commands as root - you are already root so it has no effect
Trung Tran:
thanks for your help @Al West, I will give it a try.
Yeah, sound like I need to learn more Linux .
Al West:
Do you have CKA?
Trung Tran:
Yes, just passed it few week ago.
Trung Tran:
But CKA more on k8s objects, dont need much Linux commands like CKS course.
I’m windows based and start feeling hard when moving to the System Hardening part of the course.
Al West:
Congratulations, I would say CKS is a lot harder.
Trung Tran:
Yeah, thanks for the head up, I can feel it now .