Hi community
We have enabled the SSH secrets engine to sign SSH certificates, and it works fine from Linux to Linux.
Now we downloaded the Vault binary for Windows and recreated the same steps to log in using similar options from Windows, but it is still saying pubkey denied.
The steps are:
Download the Windows Vault binary from the site, extract it, and
copy vault.exe to c:\Windows
Open a PowerShell window and type:
cd C:\Users\MyUser
ssh-keygen -f keypairs -t rsa -b 4096
mv keypairs* .ssh/
$env:VAULT_ADDR="https://vault.example.com"
$env:VAULT_TOKEN=(vault login -token-only -method=ldap -path=ldap username=myADuser)
vault write -field=signed_key ssh-client-signer/sign/devops public_key=@./.ssh/keypairs.pub > ./.ssh/keypairs-signed.pub
notepad C:\Users\MyUser\.ssh\config
IdentityFile C:\Users\MyUser\.ssh\keypairs
Host *
CertificateFile C:\Users\MyUser\.ssh\keypairs-signed.pub
IdentityFile C:\Users\MyUser\.ssh\keypairs
StrictHostKeyChecking no
Everything was OK except these 2 things:
.\.ssh\keypairs-signed.pub:1: invalid key: invalid format
and ssh devops@serverlinux.example.com
Permission denied (publickey). I guess because the format is invalid, so… how can I fix this?
Everything on the internet explains how to log in using a public key, but no one explains, or at least I can't find it yet after hours of research, how to log in using a signed certificate from a Windows client to Linux.
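
The `invalid format` error is consistent with how Windows PowerShell 5.1 handles `>`: redirection writes UTF-16LE with a BOM, which OpenSSH cannot read as a certificate line. The following is an added example, not part of the original post; it assumes Windows PowerShell 5.1 and the paths, mount and role from the post, and `Test-SshCertFile` is a hypothetical helper name.

```powershell
# Added example: check the encoding of the signed certificate, then rewrite it
# as plain ASCII. Paths, mount and role are the ones used in the post.
Set-Location $HOME
$cert = Join-Path $HOME '.ssh\keypairs-signed.pub'

function Test-SshCertFile {
    # Hypothetical helper: reports why OpenSSH may reject the file as "invalid format".
    param([Parameter(Mandatory)][string]$Path)
    $bytes = [System.IO.File]::ReadAllBytes($Path)
    if ($bytes.Length -ge 2 -and $bytes[0] -eq 0xFF -and $bytes[1] -eq 0xFE) {
        return 'UTF-16LE BOM: file was written by ">" or Out-File with the default encoding'
    }
    if ($bytes.Length -ge 3 -and $bytes[0] -eq 0xEF -and $bytes[1] -eq 0xBB -and $bytes[2] -eq 0xBF) {
        return 'UTF-8 BOM: the key type on line 1 is preceded by three extra bytes'
    }
    if ($bytes -contains 0) {
        return 'NUL bytes: file is not single-byte text'
    }
    $text = [System.Text.Encoding]::ASCII.GetString($bytes)
    # A certificate line is "<type>-cert-v01@openssh.com <base64> [comment]".
    if ($text -notmatch '^\S+-cert-v01@openssh\.com [A-Za-z0-9+/]+=*') {
        return 'Line 1 is not an OpenSSH certificate (was the private key or an error message saved?)'
    }
    return 'OK'
}

# 1. Inspect the file produced by the redirect in the post (if it exists).
if (Test-Path $cert) { Test-SshCertFile -Path $cert }

# 2. Sign again, capturing the output in a variable instead of redirecting it,
#    and write one ASCII line without a BOM.
$signed = vault write -field=signed_key ssh-client-signer/sign/devops public_key=@./.ssh/keypairs.pub
if ($LASTEXITCODE -ne 0 -or -not $signed) { throw 'vault did not return a signed key' }
$line = ($signed -join '').Trim() + "`n"
[System.IO.File]::WriteAllText($cert, $line, [System.Text.Encoding]::ASCII)

# 3. Re-check, then let OpenSSH parse it: -L prints the certificate's
#    type, principals and validity window when the file is well-formed.
Test-SshCertFile -Path $cert
ssh-keygen -L -f $cert
```

If `ssh-keygen -L` lists the certificate but login is still denied, compare the `Principals` and `Valid` fields it prints with the login user and the current time.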