I feel like I’m missing something obvious, but I cannot find my key pairs that are generated in the web GUI (Credentials → Backup Credentials → SSH Keypairs). I just generated a new pair (logged in as user admin) and there’s nothing in:
~/.ssh (other than known_hosts)
/root/.ssh (other than known_hosts)
Where are the keys stored? I’d like to write a cron job script that uses ssh to connect to another server, and when I try to ssh in, of course there are no keys for ssh to use.
You can click the download icon next to the name of the keypair to download the keys or just click on the name and see the keys in the text fields.
I just looked and didn’t find the keys directly either. But I didn’t look too hard. You can get them as described above and then place them somewhere for your cronjob.
If the location you store them survived an update depends on the location and whether you install an update / upgrade with a fresh install and wiped drive.
Just backup your folder where you store them and check after an update. It’s not like there are a daily updates/automatic updates.
Maybe someone can you point to the location where they are stored though. I’m pretty certain the key pair generated in the UI itself survives an update. Just remember that .ssh (where the public keys for your user are stored) needs a manual backup. That is not stored with the config.
I have never had to renew any SSH keys built for ZFS send between machines. They just work - across multiple reboots, upgrades, whatever.
I only used the GUI to set up the connection between machines, i.e. followed a supported approach for getting the task done. The results may very well be different if attempted from the CLI, like most things TrueNAS.
I’m having a tough time with ssh keys right now. I set up a replication from one TN server to another (both on the same LAN).
It worked for several days, then gave me a key mismatch error. I thought I cleared the keys and tried to create a new ssh connection in the task and now I just get a ‘connection refused’ error.
I deleted the task and tried to create a new one from scratch, no go. Created a brand new admin user to use for the ssh connection, same problem.
I was able to set up a rep job in the opposite direction and as of right now that one is still working.
I’m able to connect via ssh to each machine from the other on the console using a password, so service and port are working fine.
I’m a little confused on where I need to look in order to attempt to get my backup working again.
Any help is greatly appreciated.
I believe I’ve tried that several times, removing both the connection and keypair.
I’m getting a bit confused now though since I created a user by the same name on both systems (backupuser) in order to use for the replication tasks.
So, if I have TN1 and TN2, and rep works from TN2 > TN1, but connection refused trying to backup from TN1 > TN2, what files on which system do I need to get rid of?
Right now I can’t get a connection from 1 to 2 no matter what user I try to make the connection with, including root.
