Skip to content

Using SSH Public Key Authentication with vMA

If you are using the vSphere Management Assistant (vMA) on a daily bases you might want to simplify the login process. Public Key authentication is an authentication method that relies on a generated public/private keypair and enables the login without entering a password.

What do you need?

  • PuTTY (The well known SSH Client)
  • PuTTYgen (To genereate your SSH Key)
  • Pagent (The SSH authenticatien Agent, required for key authentication)

All programs are free and available for download here.

Generate your SSH key pair
If you already have your own SSH Key, you can skip this step.

1. Open PuTTYgen
2. Click "Generate"
3. Move the mouse to generate random data. The result should look like this:
sshkey_1

4. Click "Save public key" and choose a path
5. Click "Save private key" and choose a path. If you want to use this key for production you should set a passphrase at this point!

Enable the SSH authenticatien Agent
1. Start Pagent
2. Doubleclick the Pagent Trayicon
3. Click "Add Key" and open your private key file (.ppk)sshkey_2

Transfer your private key to the vMA Appliance
1. Connect to the vMA using PuTTY
2. Login with the vi-admin user
3. Create the required files for the authorized keys. You should be familiar with vi to create and edit the keyfile. The key you have to copy is the string created with PuTTYgen, starting with "ssh-rsa".

vi-admin@vma:~> mkdir .ssh
vi-admin@vma:~>vi .ssh/authorized_keys

4. Press i to enter "Insert Mode"
5. Copy your public key and paste it into vi (right click)
6. Press <ESC> :wq <ENTER> to save and quit vi

sshkey_3

Activate the SSH Server for key authentication
1. To activate key authentication you have to uncomment the following 2 lines in /etc/ssh/sshd_config:

PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

2. You need root privileges so you have to use sudo (requires to enter your password again). To uncomment the lines using vi just move the cursor to the line (should be line 47+48) and press x

vi-admin@vma:~> sudo vi /etc/ssh/sshd_config

sshkey_4

3. Press :wq <ENTER> to save and quit vi
4. Restart the ssh daemon

vi-admin@vma:~> sudo /etc/init.d/sshd restart


Done!
Now you should be able to login without entering a password. If it does not work after a reboot, make sure that Pagent is running and your keyfile is loaded.

If the authentication still does not work, examine the /var/log/messages file for error messages:

vi-admin@vma:~> tail -f /var/log/messages |grep sshd

Related posts:

  1. Getting started with vMA 5
  2. vSphere 5.1 Download - Public Available!
  3. vSphere Data Protection 5.1 - Installation Issues
  4. Getting Started with PowerCLI 5.1 and PowerShell 3.0
  5. ESXi: Change vmnic / vmhba numbering
Tags:

1 thought on “Using SSH Public Key Authentication with vMA”

  1. Pingback: VCSA6 Bash and SSH Key Activation | Virten.net

Leave a Reply

Your email address will not be published. Required fields are marked *