ssh bookmark using private/pub keys

I am trying to setup a bookmark for clientless access using ssh private/pub key for authentication.   The host is Ubuntu 18.04.

When I try to connect to the host, I get the error:  No ECDSA host key is known for 'ip' and you have requested strict checking.   Host key verification failed.

I can't find any reference to this searching.  What am I missing?

I am using the ssh_host_rsa  priv/pub keys.

Thanks

  • Hi  

    Would you please try the steps mentioned in below thread if that works for you..?

    https://community.sophos.com/products/xg-firewall/f/vpn/92922/ssh-bookmark-issue

  • In reply to Vishal_R:

    I had seen this post and it wasn't addressing what I was actually trying to do.

    I was hoping to use just private/public key that the VM was used during setup, and login with just those credentials.   I didn't want to have to connect to the VM and setup a password for the user, and still use the public key.

    VM was created on an Openstack cloud, which is installed with the users keypair (tried to use in the bookmark).  The idea is that you can use just that keypair to login to the VM.  (as from other ssh clients)

    Not sure why it doesn't do that with the sophos ssh public/private key authentication method, but I have gotten priv/pub auth to work for a sftp bookmark.

  • In reply to Damon Gladbach:

    Also, even with the ssh option with password/public key, I get a lot of SSH host key changed errors.   Seems like a 'known_host' issue with an invalid key for that IP, but from looking at the /tmp/clientless folder on the sophos gw, it seems like each time a new session is created a new one is created specific to that session.   Even tried removing all the old sessions there, but still doesn't help.   Is that data also stored somewhere else?