Posted on August 7, 2020 7:54 pm
 |  Asked by David Juarez
 |  45 views
0
0
Print Friendly, PDF & Email

I am attempting to authenticate users over SSH with a trusted CA key, but am unable to do so because I can’t figure out how to write the AuthorizedPrincipalsFile that sshd expects.  Is this possible with Arista routers?

I see  the generated sshd_config has the following lines

TrustedUserCAKeys /persist/secure/ssh/cakeys/caKeys_aggregate.pub
AuthorizedPrincipalsFile %h/.ssh/principals

I was able to copy over the file for caKeys_aggregate.pub using the API, however I see no command which will allow me to write to /home/user/.ssh/principals.

Is there a way to write the AuthorizedPrincipalsFile to allow this, or to overwrite the generated sshd_config file to remove the AuthorizedPrincipalsFile line all together?

Thanks for the help!

1
Posted by Roberto Salazar
Answered on August 8, 2020 7:32 pm

This might help with your question/issue:
https://eos.arista.com/eos-4-22-1f/ssh-certificates/

0
Posted by David Juarez
Answered on August 19, 2020 8:11 am

Thanks very much Roberto

Post your Answer

You must be logged in to post an answer.