root user missing /root/.ssh/known_hosts

Status
Not open for further replies.

toraride

Dabbler
Joined
Sep 1, 2016
Messages
24
My root user was first missing the entire /.ssh directory, but I was able to create that by adding a key from /etc/ssh/ssh_host_rsa_key.pub via the GUI in FreeNAS under users for root. Now the folder .ssh and authorized_keys folders are created, but I still do not have a known_hosts folder.

The problem comes when running a shell script that uses rsync to back up files inside /mnt/ to an external box on the same network. Whenever I try to run the rsync command and I agree to the fingerprint, I get an error in adding the IP to known_hosts as the folder cannot be found.

If I try to create the folder, while logged in as root, this fails as it gives me a Read Only folder error.

How do I go about creating all the folders under .ssh?
 

toraride

Dabbler
Joined
Sep 1, 2016
Messages
24
Thanks!

Alright so the system specs are:

Build

FreeNAS-9.2.0-RELEASE-x64 (ab098f4)
Platform Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Memory 32428MB
System Time Tue Sep 27 12:52:03 BST 2016
Uptime 12:52PM up 57 days, 4:02, 1 user
Load Average 0.53, 0.53, 0.50

The NAS is not exposed to the internet, and only runs locally. It is used in the office by everyone to store files.

Since this is the only location where files are stored, I had to set up a backup location and run a custom-made .sh script with rsync. When I run rsync it asks me to say [yes] to authenticate the server, which I can do. It then gives out the "error failed-to-add-host-to-known-hosts".

This prevents me from running a CRON on the rsync since it will keep asking to add the host to trusted hosts, which it will never do as that folder does not exist, and since I cannot write to it, I am locked out.

When I do this, I am logged in as root.

If I try to add this as an Rsync process under the GUI, I get the following error (regardless of what user I try to do it with):
  • In order to use rsync over SSH you need a user
    with a public key (DSA/ECDSA/RSA) set up in home dir.
 

Robert Trevellyan

Pony Wrangler
Joined
May 16, 2014
Messages
3,778
the folder .ssh and authorized_keys folders are created, but, I still do not have a known_hosts folder.
.ssh is a folder. authorized_keys and known_hosts are files.

Please post the output of ls -al /root and ls -al /root/.ssh (between CODE tags).
 

toraride

Dabbler
Joined
Sep 1, 2016
Messages
24
ls -al in /root
Code:
ls -al /root
total 23
drwxr-xr-x  3 root  wheel  512 Sep 27 11:05 ./
drwxr-xr-x  20 root  wheel  512 Dec 20  2013 ../
-rw-r--r--  1 root  wheel  1128 Dec  7  2013 .bashrc
-rw-r--r--  1 root  wheel  919 Dec  7  2013 .cshrc
-rw-r--r--  1 root  wheel  80 Dec 20  2013 .k5login
-rw-r--r--  1 root  wheel  229 Dec 20  2013 .login
-rw-r--r--  1 root  wheel  489 Dec  7  2013 .profile
-rw-r--r--  1 root  wheel  1128 Dec  7  2013 .shrc
drwx------  2 root  wheel  512 Sep 27 11:05 .ssh/
-rwxr-xr-x  1 root  wheel  1677 Dec  7  2013 change_password*
-rwxr-xr-x  1 root  wheel  1630 Dec  7  2013 save_cfg*
-rwxr-xr-x  1 root  wheel  901 Dec  7  2013 save_rrds.sh*
-rwxr-xr-x  1 root  wheel  1591 Dec  7  2013 save_sshkeys*
-rwxr-xr-x  1 root  wheel  1607 Dec  7  2013 update*
-rwxr-xr-x  1 root  wheel  2821 Dec  7  2013 updatep1*
-rwxr-xr-x  1 root  wheel  3097 Dec  7  2013 updatep2*


and ls -al /root/.ssh

Code:
ls -al /root/.ssh
total 3
drwx------  2 root  wheel  512 Sep 27 11:05 ./
drwxr-xr-x  3 root  wheel  512 Sep 27 11:05 ../
-rw-------  1 root  wheel  1651 Sep 27 11:05 authorized_keys


EDIT: I would like to run this: http://troy.jdmz.net/rsync/index.html but the only thing preventing me is the authorized key portion. If we can crack this, I can get keys generated and start running rsync via CRON.
 

dlavigne

Guest
You won't have a known_hosts file until the first time you manually connect to that host and indicate that the fingerprint is correct...
 

Robert Trevellyan

Pony Wrangler
Joined
May 16, 2014
Messages
3,778
My /root/.ssh has slightly more permissive permissions:
Code:
drwxr-xr-x   2 root  wheel	   6 Mar 12  2016 .ssh/

As does my /root/.ssh/authorized_keys:
Code:
-rw-r--r--  1 root  wheel   762 Feb 19  2016 authorized_keys

If you want to try modifying yours to match mine, do:
chmod go+rx /root/.ssh
and
chmod go+r /root/.ssh/authorized_keys
 

toraride

Dabbler
Joined
Sep 1, 2016
Messages
24
You won't have a known_hosts file until the first time you manually connect to that host and indicate that the fingerprint is correct...

Hence my problem! When connecting to a host, and agreeing to adding this to the known_hosts file, it denies doing so, by giving me a write error, due to permissions not in place.

I cannot CHMOD, mkdir or in any way write to .ssh/known_hosts or any other folder within ./ssh

I am logged in as root, and yet I do not have access to change anything within .ssh/
 

toraride

Dabbler
Joined
Sep 1, 2016
Messages
24
My /root/.ssh has slightly more permissive permissions:
Code:
drwxr-xr-x   2 root  wheel	   6 Mar 12  2016 .ssh/

As does my /root/.ssh/authorized_keys:
Code:
-rw-r--r--  1 root  wheel   762 Feb 19  2016 authorized_keys

If you want to try modifying yours to match mine, do:
chmod go+rx /root/.ssh
and
chmod go+r /root/.ssh/authorized_keys

And this is what I get:
Code:
chmod: /root/.ssh: Read-only file system
 

Robert Trevellyan

Pony Wrangler
Joined
May 16, 2014
Messages
3,778
Read-only file system
Well, that's your problem then ;)

Seriously, it looks like somehow the dataset is read-only. You need to take a step back from the details of the .ssh directory and its contents, and figure out what's going on at the filesystem level.
 

toraride

Dabbler
Joined
Sep 1, 2016
Messages
24
Any suggestion as to how I could go about either restoring the .ssh directory to the state it should be in, or enabling write at least?
 

Robert Trevellyan

Pony Wrangler
Joined
May 16, 2014
Messages
3,778
The problem is not with the .ssh folder. The problem is with the entire filesystem, i.e. the ZFS dataset. You need to figure out what's up with that.
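
A preflight check for the situation in this thread, added here as an example and not code from any poster or from FreeNAS: before an unattended rsync-over-SSH job runs, it tells apart a missing .ssh directory, an unwritable one (for example a read-only filesystem), a missing known_hosts file, and a host that has not been pinned yet. The function name `ssh_preflight` and its status words are hypothetical, and the lookup only matches plain-text known_hosts entries (hashed entries need `ssh-keygen -F`).

```shell
#!/bin/sh
# Added example: preflight for an unattended rsync-over-SSH job.
# ssh_preflight SSH_DIR HOST
# Prints one status word; returns 0 only when the job can run without
# an interactive host-key prompt. Names and status words are illustrative.
ssh_preflight() {
    ssh_dir=$1
    host=$2
    kh="$ssh_dir/known_hosts"

    if [ ! -d "$ssh_dir" ]; then
        echo "missing-dir"; return 1
    fi

    # Probe by really creating a file. This also catches a read-only
    # filesystem, where root fails with EROFS despite the mode bits.
    probe="$ssh_dir/.write_probe.$$"
    if ( : > "$probe" ) 2>/dev/null; then
        rm -f "$probe"
    else
        echo "not-writable"; return 2
    fi

    if [ ! -f "$kh" ]; then
        echo "no-known-hosts"; return 3
    fi

    # Plain-text entries: field 1 is a comma-separated list of host names.
    # Hashed entries (HashKnownHosts) are not matched here.
    if awk -v h="$host" '
        /^#/ || NF < 3 { next }
        { n = split($1, names, ",")
          for (i = 1; i <= n; i++) if (names[i] == h) found = 1 }
        END { exit !found }' "$kh"; then
        echo "ok"; return 0
    fi
    echo "host-not-pinned"; return 4
}
```

A cron wrapper can call `ssh_preflight /root/.ssh <backup host>` first and skip the rsync run, logging the status word, on any non-zero return.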
 