FreeNAS - where is ssh-add and ssh-agent?

[stualden]

Quick version of question: Why aren't the ssh-add and ssh-agent commands (and possibly other ssh commands) available at the console of FreeNAS? (Other utilities like ssh-keygen and ssh-copy-id are available and I used them successfully.) If these aren't included in the FreeNAS distribution, is there some place I can get them?

Long version of question: I am trying to use the NUT UPS capability of FreeNAS to shut down--in the event of a power outage--both itself and my firewall box (IPCop - Linux-based). I might be able to put NUT or apcupsd onto IPCop, but I read somewhere that instead I could simply have another box (in this case FreeNAS) just send a shutdown command to IPCop. If I do this via SSH, I run into authentication problems, so I thought I would use SSH keys (since no one is around to supply a password). At the FreeNAS command-line, I started to create and move the keys, but I ran into a roadblock when I couldn't do an ssh-add. So - why is this?

Thanks,

--Stu

 

[SweetAndLow]

Not sure why it's not there but you can just copy the public key to the destination sever.

Sent from my Nexus 5X using Tapatalk

 

[stualden]

The public key is already over there (that wasn't a problem - I used ssh-copy-id for that), but I believe I need ssh-agent in order to get a remote login that doesn't request a password. (Correct me if that's not true.) Does your FreeNAS system have ssh-add?

 

[danb35]

I believe I need ssh-agent in order to get a remote login that doesn't request a password. (Correct me if that's not true.)

That's not true--or, perhaps more accurately, no software needs to be added to a stock FreeNAS install to do passwordless public-key SSH authentication, inbound or ourbound. If the right keys are in the right places, with the right permissions, on both systems, you can do passwordless SSH from a FreeNAS box.

Does your FreeNAS system have ssh-add?

Apparently so:

Code:

[dan@freenas2] ~% ssh-add
Could not open a connection to your authentication agent.
[dan@freenas2] ~%

...and to answer the question that's the subject of this thread:

Code:

dan@freenas2] ~% which ssh-add
/usr/local/bin/ssh-add
[dan@freenas2] ~% which ssh-agent
/usr/local/bin/ssh-agent

 

[stualden]

Thank you for teaching me about the which command! And I'm not sure why I couldn't access ssh-agent previously, but now I can. I think the issue was that I was trying to use a key that had a passphrase, and for that I believe ssh-agent is still needed?

No matter, I found a much better solution for anyone wanting to have IPCop run NUT, either standalone or piggy-backing on FreeNAS (which is what I'm doing now):

http://www.ban-solms.de/t/IPCop-nut.html

This adds a NUT configuration page to IPCop, where you can configure NUT on IPCop any way you like.