New Question
 
 
PRTG Network Monitor

Intuitive to Use.
Easy to manage.

200.000 administrators have chosen PRTG to monitor their network. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free PRTG
Download >>

 

What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general. You are invited to get involved by asking and answering questions!

Learn more

 

Top Tags


View all Tags


How can I use private keys for my SSH sensors with PRTG?

Votes:

0

Your Vote:

Up

Down

I have several devices I want to access via SSH using PRTG’s SSH sensors. In the device settings, in the Credentials for Linux/Solaris/Mac OS (SSH/WBEM) Systems section, I want to paste a Private Key. Which format do I need and how does this all work?

credentials help howto linux private-key prtg putty ssh unix

Created on Feb 29, 2012 3:14:31 PM by  Daniel Zobel [Paessler Support]

Last change on May 9, 2014 4:29:00 PM by  Gerald Schoch [Paessler Support]



3 Replies

Accepted Answer

Votes:

0

Your Vote:

Up

Down

This article applies to PRTG Network Monitor 13 or later, as well as to previous (deprecated) versions

HowTo Use a Private Key with SSH Sensors in PRTG

SSH credentials are set on device level (or above). On the PRTG device you want to use the SSH sensors on, please open the Settings tab and go to the Inherit Credentials for Linux/Solaris/Mac OS (SSH/WBEM) Systems section. You can either Login via Password or Login via Private Key.

When using a private key, it has to be in OpenSSH RSA format and may not be encrypted!


In this article we will show how to use your existing .ppk SSH key with PRTG, converting it using PuTTYGen. We assume that

  1. you already have generated an “RSA Private Key” (which currently exists in .ppk format) and
  2. there exists a responding public key on the target system already (usually in the user’s /.ssh/authorized_keys file).


Note: If you do not yet have a private/public key pair for your systems, you can use PuttyGen to generate those keys as well, but this article will not explain how to do this.



Step 1: Save Your Existing PPK Key File

Save your existing RSA Private Key in .ppk format to a text file named mykey.txt. For example, your PPK key may look like this: PuTTY-User-Key-File-2: ssh-rsa Encryption: none Comment: myComment Public-Lines: 4 AAAAB3NzaC1yc2EAAAABJQAAAIBrXo98aGCVK5kbx9v9nEIWyK3cAuPuqMG12Qmy […] hlZAcQ== Private-Lines: 8 AAAAgBFpR7NPMkG0Cv2WB/+czHJlu1QcJPZE4SRoYm/q4HSkW8iYsMx51HgUfszv bGG7Xw+ba2jY0ovIelGyRcOhNCr85tYOZ8rqq2QuDBlw1H5M7VnjCpgC/z1Exwx/ […] EF34eaOg5KWgdb2+SNwl50QxFwW1r8CUeSuYOykI2PiNU0brMAMgWe68t4HHWWe7 ngA= Private-MAC: 05c421a1d5269eb8cff250445e389f00ea5c2186


Step 2: Download PuTTYGen

Go to the PuTTY Download Page, download, and execute puttygen.exe.


Step 3: Load PPK SSH Key File

In PuTTY Key Generator, click on the Load button and load your mykey.txt file. You will see a success message.


Step 4: Export OpenSSH Key File

Make sure you leave the passphrase fields empty, so the key is not encrypted during export.

Please make sure you select an RSA Type of key. PRTG does not support DSA keys!

Then, from the main menu of PuTTY Key Generator, select Conversions | Export OpenSSH key.

Confirm the warning message by clicking on Yes.

Save the key to a file named mykey-openssh.txt. Open this file in a text editor and make sure there is no line such as Proc-Type: 4,ENCRYPTED If there is, the key is in encrypted format and will not work with PRTG! A correct key will look like this: -----BEGIN RSA PRIVATE KEY----- MIICWQIBAAKBgGtej3xoYJUrmRvH2/2cQhbIrdwC4+6owbXZCbIoaCSgNf+tl5eZ 848pDe/EcbADdOA+a7E5El3+8k0grjZiFwpjJFgGZgYvdvRyl1rdvYu7l27Qa9OU […] glYyWqk94+bYvo0CQDx8uMBf2Wlc5iKIIlrrEF34eaOg5KWgdb2+SNwl50QxFwW1 r8CUeSuYOykI2PiNU0brMAMgWe68t4HHWWe7ngA= -----END RSA PRIVATE KEY-----


Step 5: Enter OpenSSH Key in PRTG

Open your mykey-openssh.txt key file and copy its contents to the clipboard. Copy the entire key, including the -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- lines.

In the PRTG web interface, in the device’s Settings tab, in the Credentials for Linux/Solaris/Mac OS (SSH/WBEM) Systems section, set the login method to Login via Private Key.

Then paste the entire key, including the BEGIN and END lines, into the Private Key field. Save your settings.

Once pasted and saved, the private key will be shown as

***************************

Note: If you do not insert a private key for the first time, but change an existing private key, you need to restart your PRTG core server service in order for the private key change to take effect! You can restart services in PRTG's web interface under Setup | System Administration | Administrative Tools, or in previous PRTG versions in the PRTG Server Administrator tool.


Done

That’s it, your SSH sensors will now connect to your devices and query monitoring data.

Created on Mar 1, 2012 12:50:56 PM by  Daniel Zobel [Paessler Support]

Last change on May 9, 2014 4:37:29 PM by  Gerald Schoch [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Is it possible to use this Sensor with Password AND Keyfile?

Created on Jul 4, 2017 12:46:10 PM by  Michel Power (0) 2



Votes:

0

Your Vote:

Up

Down

Hello Michel,

No, either keyfile or password. Both is not possible.

Best,
Sebastian

Created on Jul 6, 2017 11:19:08 AM by  Sebastian Kniege [Paessler Support]



Please log in or register to enter your reply.


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.