I tried different things, tried searching the forums. Nothing was working. I couldn't add my remote machine using SSHFS as a Volume on my Cloudron until.... TLDR: I needed to add the Public Key contents to the
authorized_keysfile on the remote machine. Here is my story.
I was trying to add a Volume , which is another VPS of mine running Ubuntu 18, which I call "remote machine" in this tale.
I tried two different ways of generating keys.
ssh-keygenon my laptop, saved the public key, named id_rsa.pub, to the remote machine, in the user's .ssh directory, and the Private key in the dialogue box of adding Volumes in the Cloudron dashboard. I then tried to connect with port 22, then port 23. Both failed.
ssh-keygenon the remote machine and
cat /home/user/.ssh/id_rsaand copied the Private key into the dialogue box of adding Volumes in the Cloudron dashboard. I then tried connect with port 22, and port 23. Fail.
When I used port 22, I usually got the failure message:
Failed to mount (inactive): read: Connection reset by peer
When I used port 23, I got
Failed to mount (inactive): Could not determine failure reason.
I couldn't figure out how to track the connection attemps to see what was wrong.
tail -f /var/log/auth.logon Cloudron didn't show anything.
Here was my thought process: Everytime I've set up SSH keys, I run
ssh-keygenon the main machine, like my laptop. This gives me a private and a public key, both in my .ssh directory. I then copy the Public key to the remote VPS by pasting the result of
cat /home/user/.ssh/id_rsa.pubin the authorized_keys in the appropriate .ssh directory, restart sshd, and voila, I can connect with keys.
But something about this process on Cloudron was messing me up. I am NOT running
ssh-keygenon my Cloudron. So, there is NO Private nor Public key ON my Cloudron, in a .ssh directory. So, my first question was, how does the Cloudron machine connect to the remote, or allow the remoteto connect to it??
The answer to this was: On the remote machine I do run
ssh-keygen, and a Public and a Private key are generated in the user's .ssh directory. I then
cat /home/user/.ssh/id_rsa, copy the result and paste it into the Cloudron "Add Volume" dialogue where it asks for the Private SSH Key. So, I this is how Cloudron gets a Private key that would have been generated on it if I had run
ssh-keygenon the Cloudron machine. I had been leaving the Public key, already on the remote machine, as a key in the .ssh directory (
id_rsa.pub), and figured that should have been enough.
THEN, I realized, I had always pasted the contents of the
id_rsa.pubkey into the remote machine's
authorized_keysfile when I was working from my laptop... but I hadn't done that in this case (again, thinking that the presence of
id_rsa.pubin the .ssh directory was all that was needed). So, finally, after hours of trying this and that, I finally pasted the result of
cat /home/user/.ssh/id_rsa.pubin the
authorized_keysfile in the remote machine's .ssh directory, even though the exact same key, id_rsa.pub, was already on the remote machine. Then I went back to the Cloudron dashboard's Add Volume, entered all the same info, and.... voila! I have added a Volume!!
For all you devs, this may have seemed like an obvious step. For me, until the moment of clarity, it wasn't, because all the help I was reading (as far as I can recall) never explicitly said to copy the contents of
cat /home/user/.ssh/id_rsa.pubinto the
authorized_keysfile on the exact same machine. I assumed the presence of the pub key would do the trick. Conceptually, it might seem obvious, but now that I understand, I can see that it isn't necessarily an obvious step. To be honest, for all I know, the presence of the pub key file should have been enough, but it didn't work, not for me, until I pasted pub key's contents into the
All this to say, I'm going to go through the https://linuxupskillchallenge.com/. I have learned alot over my years of self-hosting, but conceptually there is still so much that I need to grasp.