Linux security Lab . ssh error

hi Team ,

In linux security lab course while doing lab I have experiencing following difficulty

Q
Copy the public key to target server devapp01 .
Make use of ssh-copy-id

Hint
run: ssh-copy-id bob@devapp01
Enter the password when prompted.

bob@devapp01:~ sudo ssh-copy-id bob@devapp01 [sudo] password for bob: /usr/bin/ssh-copy-id: ERROR: No identities found bob@devapp01:~
bob@devapp01:~ bob@devapp01:~ cat /etc/passwd | grep bob
bob:x:1000:1000::/home/bob:/bin/bash
bob@devapp01:~bob@devapp01:~

Can you please help why this is giving this error ?

with best regards
Pradeep Nehe
Email : ppnehe@gmail.com

Hi,

I see you are running the ssh-copy-id as root with sudo. You don’t need to do that.
Try running without sudo.

hi

Thank you for your quick response .

I ran these commands with and without sudo but still the status is same.

bob@devapp01:~$ ssh-copy-id bob@devapp01
/usr/bin/ssh-copy-id: ERROR: No identities found

bob@devapp01:~bob@devapp01:~ sudo ssh-copy-id bob@devapp01
[sudo] password for bob:
/usr/bin/ssh-copy-id: ERROR: No identities found
bob@devapp01:~ bob@devapp01:~

If you see my previous output you will notice that I gave this command on destination server not on the source server. ie. bob logging into devapp01 server first and then issuing this command there where I got the error. If I am not wrong this is what precisely instructor teaches to issue this command on the destination server where you want this to be copied and not on the source server. Requesting to kindly go through this module ( training ) and correct me whether there is any ambiguity or error in that part .

bob@devapp01:~ sudo ssh-copy-id bob@devapp01

Now I typed same command on source machine i.e. on host caleston-lp10 and not on host devapp01

========================================================================

ob@caleston-lp10:~bob@caleston-lp10:~
bob@caleston-lp10:~ bob@caleston-lp10:~ ssh-keygen -t rsa 4096
Too many arguments.
usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa] [-N new_passphrase] [-C comment] [-f output_keyfile]
ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
ssh-keygen -i [-m key_format] [-f input_keyfile]
ssh-keygen -e [-m key_format] [-f input_keyfile]
ssh-keygen -y [-f input_keyfile]
ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]
ssh-keygen -l [-v] [-E fingerprint_hash] [-f input_keyfile] ssh-keygen -B [-f input_keyfile] ssh-keygen -D pkcs11 ssh-keygen -F hostname [-f known_hosts_file] [-l] ssh-keygen -H [-f known_hosts_file]
ssh-keygen -R hostname [-f known_hosts_file]
ssh-keygen -r hostname [-f input_keyfile] [-g]
ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point]
ssh-keygen -T output_file -f input_file [-v] [-a rounds] [-J num_lines]
[-j start_line] [-K checkpt] [-W generator]
ssh-keygen -s ca_key -I certificate_identity [-h] [-U]
[-D pkcs11_provider] [-n principals] [-O option]
[-V validity_interval] [-z serial_number] file …
ssh-keygen -L [-f input_keyfile]
ssh-keygen -A
ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]
file …
ssh-keygen -Q -f krl_file file …
bob@caleston-lp10:~ bob@caleston-lp10:~ ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/home/bob/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/bob/.ssh/id_rsa.
Your public key has been saved in /home/bob/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:n2LVmyIzN/KWCqe+r9pY0uKbxQ/mnF6u2edLyJRkC9I bob@caleston-lp10
The key’s randomart image is:
±–[RSA 4096]----+
| |
| . |
| . E o |
| . + o . |
| S . . |
| o o + . o |
| o O % B.o |
| . % & X+o |
| =&==+. |
±—[SHA256]-----+
bob@caleston-lp10:~ bob@caleston-lp10:~
bob@caleston-lp10:~ bob@caleston-lp10:~ ssh-copy-id bob@devapp01
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/home/bob/.ssh/id_rsa.pub”
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys
bob@devapp01’s password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘bob@devapp01’”
and check to make sure that only the key(s) you wanted were added.

bob@caleston-lp10:~ bob@caleston-lp10:~
bob@caleston-lp10:~$ ssh-copy-id bob@devapp01
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/home/bob/.ssh/id_rsa.pub”
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: WARNING: All keys were skipped because they already exist on the remote system.
(if you think this is a mistake, you may want to use -f option)

bob@caleston-lp10:~ bob@caleston-lp10:~
bob@caleston-lp10:~$ ssh bob@devapp01
Welcome to Ubuntu 18.04.4 LTS (GNU/Linux 4.15.0-88-generic x86_64)

This system has been minimized by removing packages and content that are
not required on a system that users do not log into.

To restore this content, you can run the ‘unminimize’ command.


( ____ ( ___ )( \ ( ____ ( ____ \__ /( ___ )( ( /|
| ( /| ( ) || ( | ( /| ( / ) ( | ( ) || \ ( |
| | | (
) || | | (_ | (_____ | | | | | || \ | |
| | | ___ || | | ) (___ ) | | | | | || (\ ) |
| | | ( ) || | | ( ) | | | | | | || | \ |
| (/| ) ( || (/| (//_) | | | | () || ) \ |
(
/|/ |(/(/_) )( (______)|/ ))
Last login: Wed Apr 15 08:19:16 2020 from 172.16.238.3
bob@devapp01:~ bob@devapp01:~
bob@devapp01:~ bob@devapp01:~ cat /home/bob/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCquPzsh9ZFV8hbXiDt21toytdGc5xx7hkgfb4K1qVp50KWa8UunYTY2QbSPdBdW3C0f55pKJzskDvPqM20eczGo43qQv+x7q8A3cWOxZq2eRAqu0kpCewXYPM48QdVN2UrhN0ecUcafrzpNMoa4+eNicCdVMalsqrOVhdYN0OKVuB9ceJ5UzlJekeu5xzCscZPOBzQ/bDR5S46DGswOld8shnnNLhvoe+bwc/qMKtmyDyg2f8j/TPL3QPhhWuYn2HYrnBrE6Se50o3eVd01zBVayBSBw7c0XsygjvvQ5ZDkQg8YZs2ZsNwKazkp9EuWnVvEBTCdbyGu8NG8sDcHUTYYvk1eL63JHUMFMc/7Q1wTj+bsHLAfndB4AtZDmp+wzU1BICwFrTC+F+JWPIn3VNd6Xt7amB0I9vCXwwhjwI/lsDFiFgSh1Ytp7529/aAoxpSFGSYrOMw3Y7spSVHBaOYQzWRTtU0crBhCT0Wpxjif1HFr75JV/2YNi7g+TY3PmpyTP/wDs5NK7OKPVLab4Q0b1gSHVpcOxFX4gTp1RcndMoJs28CJ2nU4VSSmcvLTzbTCjn9PxKqFrXfxtFLuWNYtG5doSMq4dohcmYdXNA9Tt1PQ2++CWgIY1OV6B7a0elt85k1dFC85blVttcGazkm9Xb/X3UYQUv+oKxTkZ29fQ== bob@caleston-lp10
bob@devapp01:~$

===========================================================================

bob@devapp01:~$ ssh-copy-id bob@devapp01
/usr/bin/ssh-copy-id: ERROR: No identities found
bob@devapp01:~bob@devapp01:~ sudo ssh-copy-id bob@devapp01
[sudo] password for bob:
/usr/bin/ssh-copy-id: ERROR: No identities found
bob@devapp01:~ bob@devapp01:~
bob@devapp01:~$
bob@devapp01:~bob@devapp01:~ logoutConnection to devapp01 closed.bob@caleston-lp10:~/.ssh$bob@caleston-lp10:~/.ssh$
bob@caleston-lp10:~/.ssh$ ssh-copy-id bob@devapp01
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/home/bob/.ssh/id_rsa.pub”
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys
bob@devapp01’s password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘bob@devapp01’”
and check to make sure that only the key(s) you wanted were added.

bob@caleston-lp10:~/.ssh$
bob@caleston-lp10:~/.ssh$

========================================================================

Hi,

The ssh-copy-id is to be run on the source machine from which you want to SSH to the target without the password.

This is correct in the lecture as well, see the screenshot below.

So, just run it on caleston-lp10 (not on devapp01).

Once the key has been copied , you should be able to run “ssh devapp01” or “ssh bob@devapp01” from “caleston-lp10” without having to use the password.

let me know if you still have any questions.

Hello Sir ,

Yes , You are correct . I have gone through part of this lecture again.
It’s my mistake. Sorry.

with best regards
Pradeep Nehe

No problem. Let us know should you have any other question.

Yes Thanks ,

I am going through remaining part of the course at present and will try to raise each and every doubt or issues I can.

with best regards
Pradeep Nehe