You are not logged in.
I am trying to create an ssh key and save it to the /.ssh directory in my home directory. I create the key with the following commands;
ssh-keygen -t ed25519 -C "comment here"
After I accept the defauly keyname and path and then enter a passphrase I get the following message.
Saving key "/home/username/.ssh/id_ed25519" failed: Operation not permitted
This implied that my username does not have permission to save items to this directory, so I tried to change permissions with the following command
sudo chmod u+rwx ~/.ssh
and get the following error
chmod: changing permissions of '/home/username/.ssh': not permitted
As a side note if it type su and run as the root user I can generate a key in the /root/.ssh directory, but it will not let me save the key to the /home/username/.ssh directory, which means that I would need to run as root every time I want to ssh into this specific server, which is not a good idea. How can I change permissions of the /home/username/.ssh directory to allow me to generate a key in that directory?
Last edited by webbja123 (2021-04-13 18:05:12)
Offline
What are the permissions? ( ls -ld ~/.ssh )
If in doubt, rename the directory and have ssh-keygen re-create it on its own accord. Then see if there's anything that needs to be transferred over from the old dir (other keys, known hosts, etc.)
Offline
The permissions are as follows;
ls -ld ~/.ssh
drwx------ 2 username users 4096 Apr 6 20:52 /home/username/.ssh
Offline
Also "stat ~" and "mount | grep home", the chmod error usually means that it can't traverse or write the parenting directory (~) but that should not affect xkcd:149, so maybe the /home partition is mounted read-only?
Offline
@seth the results are shown below
stat ~/.ssh
File: /home/username/.ssh
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: fe02h/65026d Inode: 6423038 Links: 2
Access: (0700/drwx------) Uid: ( 1000/ jonwebb) Gid: ( 984/ users)
Access: 2021-04-12 18:14:36.277159575 -0600
Modify: 2021-04-06 20:52:26.746033722 -0600
Change: 2021-04-07 08:42:36.273285966 -0600
Birth: 2021-04-06 19:08:21.682736151 -0600
mount | grep home
/dev/mapper/volgroup0-lv_home on /home type ext4 (rw,relatime)
Offline
Can you briefly elaborate on the entire "username"/"jonwebb"/"webbja123" situation?
id
Offline
@seth forgive me, I am not sure what you are asking? I tried to obfuscate my actual computer username jonwebb with the word username, but missed the name in a few places. Where do you see webbja123 other than on the username for this web page?
Offline
Nowhere, but we need to figure what your UID/username is (basically unobfuscate stuff…)
lsattr -dl ~ ~/.ssh
touch ~/.foobar ~/.ssh/foobar
Offline
I tried to obfuscate my actual computer username jonwebb with the word username, but missed the name in a few places.
You should never do these kind of changes by hand, the risk is too high you post 'secret' info.
In this case it's not that big a problem!, but, better use a tool like sed to do the job for you, in this case a simple command would do the job:
sed -i 's/jonwebb/myweb/g' document
substitute jonwebb for myweb global and insert in document - (see) man sed
Offline
The ls command yields the following
lsattr -dl ~/.ssh
/home/jonwebb Extents
/home/jonwebb/.ssh Immutable, Extents
while in the .ssh directory I ran the second command with the following results
touch ~/foobar ~/.ssh/foobar
touch: setting times of '/home/jonwebb/.ssh/foobar': No such file or directory
Offline
/home/jonwebb/.ssh Immutable, Extents
man chattr
You should figure how that ended being there.
Offline
Well now I feel stupid. I forgot that when I set up openSSH I set an immutable bit on the .ssh directory and the authorized_keys file to prevent anyone from ssh ing in and making changes. I turned turned the bit and then made it immutable again, but now it works. Thank you.
Offline