How can I generate SSH key for public key based authentication in Server monitor ?

How can I generate SSH key for public key based authentication in Server monitor ?

Please use two similar servers for this procedure.

1. A RSA or DSA key pair must be generated on the client system (SERVER1). Use the steps below to generate and use SSH2 keys.

Login as the user for monitoring and go to the /home/username/.ssh/ folder.If there is no .ssh folder then create it.Give the permission to the folder as follows,

chmod 700 ~/.ssh

ssh-keygen -t dsa  or ssh-keygen -t rsa

2. The private portion of the key pair must be present in the client system itself (SERVER1).

3. The public portion of the key pair must be copied to any other server (SERVER2) that will be accessed by the client system (SERVER1).

Note: This public key file can be placed in remote server /home/username/.ssh/authorized_keys file.If there is no .ssh folder then create it.It can  be placed in the similar path,file in same server also.

4. Give the permission to the folder as follows,

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys


5.Also comment off or modify the following lines appropriately in the /etc/ssh/sshd_config file (only SSH version 2 is supported).

#Ciphers    aes128-cbc,blowfish-cbc,3des-cbc
#MACS    hmac-sha1,hmac-md5

#Protocol 2,1
Protocol 2

#UsePAM yes
#UsePAM no

Then restart the ssh2 daemon with below command.

/etc/rc.d/sshd restart

6. Now from a command prompt in the client system (SERVER1) connect to the server (SERVER2) as shown below.The username is the name of user with which  you have copied the public key in the server (SERVER2).

ssh username@hostname

You should be able to login to the server without prompting for the password.

7. If the above is successful then use the private key which is available in the client system (SERVER1) to add the server (SERVER2) in Applications Manager.

Then you can copy the same public key to any number of servers and then use the same private key to monitor all those servers in Applications Manager.


Example:


[guest@SITE-CENTOS5-1 ~]$ pwd
/home/guest
[guest@SITE-CENTOS5-1 ~]$ mkdir .ssh
[guest@SITE-CENTOS5-1 ~]$ chmod 700 ~/.ssh
[guest@SITE-CENTOS5-1 ~]$ ls -l .ssh
total 0
[guest@SITE-CENTOS5-1 ~]$ cd .ssh
[guest@SITE-CENTOS5-1 .ssh]$ ssh-keygen -t rsa -b 2048
Generating public/private rsa key pair.
Enter file in which to save the key (/home/guest/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/guest/.ssh/id_rsa.
Your public key has been saved in /home/guest/.ssh/id_rsa.pub.
The key fingerprint is:
12:c3:54:a2:bb:97:0f:55:f7:ff:67:f7:af:04:37:c8 guest@SITE-CENTOS5-1
[guest@SITE-CENTOS5-1 .ssh]$ cp id_rsa.pub authorized_keys
[guest@SITE-CENTOS5-1 .ssh]$ chmod 600 ~/.ssh/authorized_keys
[guest@SITE-CENTOS5-1 .ssh]$ ls -l
total 12
-rw------- 1 guest guest  402 Aug 24 01:41 authorized_keys
-rw------- 1 guest guest 1675 Aug 24 01:41 id_rsa
-rw-r--r-- 1 guest guest  402 Aug 24 01:41 id_rsa.pub
[guest@SITE-CENTOS5-1 .ssh]$

If you still have issues send below information to appmanager-support@manageengine.com for further troubleshooting

1) Send us complete output for the AppManagerHome\bin\ServerSSHTroubleshoot.bat or ServerSSHTroubleshoot.sh script with remote server hostname or ipaddress. Follow the below link for usage of the command

 

https://desk.zoho.com/portal/manageengine/kb/articles/how-to-execute-serversshtroubleshoot-bat-or-sh-file-7-7-2017

2) Send us copy of /etc/ssh/sshd_config file (or /etc/sshd_config file) from the remote server which are trying to add in Applications Manager via SSH

3) Open command prompt in remote server that you are trying to monitor in Applications Manager with SSH

uname -a

/sbin/ifconfig -a

dladm show-link

hostname

4) Open command prompt in Applications Manager host and execute below command with remote server hostname or ipaddress and send us the screenshot of the output

telnet <hostname> <ssh_port>

Example:

telnet app-centos 22

5) Open command prompt in Applications Manager host and execute below commands with remote server hostname and ipaddress and send us the screenshot of the output

ping hostname

nslookup hostname

ping ipaddress

nslookup ipaddress

6) Try to add the server monitor in Applications Manager a couple of times and then immediately create a new support information file and upload it to our ftp.Refer the below link for steps to create support information file and uploading it.

https://desk.zoho.com/portal/manageengine/kb/articles/where-do-i-find-the-log-files-that-i-need-to-send-to-technical-support-team-for-analysis

7) Check if you are able to connect with the same username & SSH KEY using any other SSL client tool other than Applications Manager.


      • Related Articles

      • I am not able to add Server monitor with SSH key generated with passphrase and steps to generate SSH2 keys without passphrase.

        As of now we do not support usage of SSH2 keys generated with passphrase in Applications Manager. However you can use a key generated without passphrase. Use the steps below to generate and use SSH2 keys. Using Puttygen generate a new private key ...
      • Real User Monitor (RUM) - Troubleshooting

        If the monitor has not polled data for long time. Follow below steps for troubleshooting Check prerequisites to done : Real User Monitor requires RUM Agent to be installed and mapped to Applications Manager. Refer the help page to know how to setup ...
      • Troubleshooting URL Monitor

        Here are few of the common errors you may come across in URL monitor, we have mentioned the steps you can follow to troubleshoot them.   General troubleshooting for URL monitor Ensure that the URL is accessible from the server in which Applications ...
      • Self monitor Applications Manager using APM Insight Java Agent

        Applications Manager is built with Java, hence we can monitor it using APM Insight Java Agent to measure it's performance continuously, which can be very much useful. Setting up APM Insight Java Agent Follow the below steps to download and set up the ...
      • Authentication Methods in Applications Manager

        Authentication involves validating an incoming user to facilitate the access to a specific resource. There are various authentication methods that you can use - based on the requirements and usage. In recent times, numerous organizations are ...