Junos OS

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about Junos OS.
  • 1.  ssh key-based authorized_keys being renamed to authorized_keys.old

    Posted 12-08-2020 05:27
    I'm trying to setup ssh authorized_keys on a SRX. I can get the file created, and ssh into the device just fine.

    However, apparently when I do any sort of load config operation (such as load override or load update), the file is being renamed to authorized_keys.old, and I have to go in and rename it back to authorized_keys in order to get key-based authentication to work again.

    Is there a way to prevent this from happening?


  • 2.  RE: ssh key-based authorized_keys being renamed to authorized_keys.old

     
    Posted 12-08-2020 05:45

    Hi Peter,

     

    You can avoid this by applying the ssh key to the user in configuration like:

     

    set system login user <userid> authentication load-key-file /root/.ssh/id_rsa.pub

     

    Or for root user,

     

    set system root-authentication ssh-rsa <key>

     

    Hope this helps.

     

    Regards,

    -r.

     

    --------------------------------------------------

     

    If this solves your problem, please mark this post as "Accepted Solution."

    Kudos are always appreciated :).

     


    Juniper Business Use Only






  • 3.  RE: ssh key-based authorized_keys being renamed to authorized_keys.old

    Posted 12-08-2020 05:53
    Just a reminder that ssh access by root is off by default in recent versions of Junos for good reason.
    So please don't turn it back on and enable key access on that account in production.

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------