This procedure and the troubleshooting steps were tested on Quantum Spark 1500 R81.10.xx and was adapted to be compatible with sk179986 - not available anymore.

Warning: This configuration does not survive a firmware upgrade.

The Procedure

Create a ed25519 key pair and save the keys to ckpSMBAccessKey and ckpSMBAccessKey.pub files:

ssh-keygen -t ed25519 -f ~/ckpSMBAccessKey -C ""

I have tested with success the following script:

• locally, on appliance, in a bash shell
• remote, from SmartProvisioning

# replace this with the ed25519 key from ckpSMBAccessKey.pub file !
pubkey='AAAA............'

# set the authorized key for SSH access
mkdir -p /storage/.ssh
chmod 700 /storage/.ssh
cat << EOF > /storage/.ssh/authorized_keys
ssh-ed25519 $pubkey
EOF
chmod 600 /storage/.ssh/authorized_keys

# change sshd's configuration to read the new key file
sed -i 's/\(AuthorizedKeysFile\).*/\1 \/storage\/\.ssh\/authorized_keys/g' /pfrm2.0/etc/sshd_config

# fix/change permissions for root directory before sshd starts
sed -i '/^cpwd_admin.*/i chown root:root \/\n' /pfrm2.0/bin/sshd.sh

# reboot is needed according to sk179986 but a service restart is enough
ps -ef | awk '/[s]shd/ {print $2}' | xargs kill -9

test the new configuration with:

ssh -i ~/ckpSMBAccessKey admin@ip_address_of_SMB_appliance

Troubleshooting

Log to appliance and change in /pfrm2.0/etc/sshd_config:

#SyslogFacility AUTH
#LogLevel INFO

to:

#SyslogFacility AUTH
LogLevel DEBUG

then restart only the sshd service:

ps -ef | awk '/[s]shd/ {print $2}' | xargs kill -9

Reconnect with:

ssh -i your_private_key_file_name -vvv admin@ip_address_of_appliance

and, to see the log entries generated by sshd, execute from expert mode:

cat /var/log/messages | grep sshd

When done, set the LogLevel back to INFO and restart sshd.

Want to share this post? Click to copy the link.