Loadkey scp ssh key errors
Closed, Resolved | Public | BUG

Description

Load ssh pub key to vyos.

vyos@vyos-roll# loadkey vyos scp://[email protected]/root/.ssh/id_rsa.pub
Enter host password for user 'root':

curl: (60) SSL peer certificate or SSH remote key was not OK
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

Done
[edit]
vyos@vyos-roll#

Details

Difficulty level
Unknown (require assessment)
Version
VyOS 1.3-rolling-202004291652
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

I replaced

my $cmd = "curl -#";

with

my $cmd = "curl --insecure -#";

in https://github.com/vyos/vyatta-cfg-system/blob/current/scripts/vyatta-load-user-key.pl#L64

It loads the key from the remote side but generates another error:

vyos@r2-roll# loadkey vyos scp://[email protected]/etc/ssh/ssh_host_rsa_key.pub
Enter host password for user 'vyos':
########################################################################################################################################################################### 100.0%

error: Ignoring /opt/vyatta/etc/config/archive/lr.conf because it is writable by group or others.
Done

With that replacement, I see this error on each commit:

vyos@r1-roll# delete firewall 
[edit]
vyos@r1-roll# commit
error: Ignoring /opt/vyatta/etc/config/archive/lr.conf because it is writable by group or others.
[edit]
vyos@r4-roll# loadkey vyos scp://[email protected]/etc/ssh/ssh_host_rsa_key.pub
Enter host password for user 'ubuntu':
########################################################################################################################################################################### 100.0%

Done
[edit]
vyos@r4-roll# set interfaces ethernet eth0 description WAN
[edit]
vyos@r4-roll# commit
[edit]
vyos@r4-roll# 

vyos@r4-roll# run show version 

Version:          VyOS 1.3-rolling-202008120118

The key loaded successfully. There are no more mistakes.

PR126 is relevant.

Viacheslav claimed this task.
erkin set Issue type to Bug (incorrect behavior). Aug 30 2021, 6:20 AM
erkin removed a subscriber: Active contributors.
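
The `--insecure` workaround quoted in the timeline makes curl skip the known_hosts check for scp:// and sftp:// URLs, so the server's SSH host key is never verified. As an added example (not part of this ticket or of VyOS code), the script below appends a host key to a known_hosts file only when its SHA-256 fingerprint matches a value obtained out-of-band; the function names and the sample key are assumptions of this example.

```shell
#!/bin/sh
# Added example (not VyOS code): trust an SSH host key for curl's scp://
# transfers only after its fingerprint matches one obtained out-of-band.

# Constructed sample line in OpenSSH public-key format; not a real host key.
SAMPLE_KEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEkeyEXAMPLEkeyEXAMPLEkeyEXAMPLEkey000 constructed'

# Print the base64 SHA-256 fingerprint of a "<type> <base64-blob> [comment]" line.
hostkey_sha256() {
    blob=$(printf '%s\n' "$1" | awk '{print $2}')
    [ -n "$blob" ] || return 1
    # Reject blobs that are not valid base64 before hashing anything.
    printf '%s' "$blob" | base64 -d >/dev/null 2>&1 || return 1
    hex=$(printf '%s' "$blob" | base64 -d | sha256sum | cut -d' ' -f1)
    # hex digest -> raw bytes (octal escapes are POSIX printf) -> base64
    printf '%s\n' "$hex" | fold -w 2 | while read -r h; do
        printf "\\$(printf '%03o' "0x$h")"
    done | base64
}

# trust_if_match HOST KEYLINE EXPECTED_FP KNOWN_HOSTS_FILE
# Returns 0 and appends the key on a match, 1 on mismatch, 2 on a malformed key.
trust_if_match() {
    actual=$(hostkey_sha256 "$2") || return 2
    want=${3#SHA256:}
    # ssh-keygen -l prints the fingerprint without '=' padding; accept both.
    [ "${actual%=}" = "${want%=}" ] || return 1
    printf '%s %s\n' "$1" "$(printf '%s\n' "$2" | awk '{print $1, $2}')" >> "$4"
}

# Demo on the constructed key: print its fingerprint.
hostkey_sha256 "$SAMPLE_KEY"
```

Once the line is in `~/.ssh/known_hosts` of the user running `loadkey`, the unmodified `curl -#` command can verify the server. The expected fingerprint has to come from a trusted channel, for example `ssh-keygen -lf` run on the server's console against its host public key.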