Symantec IGA

Introduction:

Environment:

Description and instructions:

Creation of a new Unix endpoint using Unix v2 provisioning connector is described here: UNIX v2 Connector - CA Identity Management & Governance Connectors - CA Technologies Documentation 

One of the steps is to generate public/private key pair using puttygen application (although any other means to generate key pair are fine).

The following error when creating a new Unix v2 endpoint: SSH Error: unknown key type '----- BEGIN' seems to indicate that generated public key has incorrect format.

However this message is very probably a red herring. The actual problem is highly likely on the server side (i.e. on Unix endpoint side) rather than on the client side (i.e. on JCS side)
Here are some recommendations on how to find the real cause:

• Ensure that $HOME directory has 755 permissions and is owned by the user that is used to acquire endpoint
• Ensure that $HOME/.ssh directory has 700 permissions and is owned by the user
• Ensure that $HOME/.ssh/authorized_keys file has 600 permissions and is owned by the user
• Check sshd log file for errors. The log file name/location depends on a Unix flavor, in case of Red Hat compatible Linux distribution it's /var/log/secure
• Check sshd configuration. File location is /etc/sshd_config (Red Hat), /etc/ssh/sshd_config (Debian based)
• Check /etc/hosts.allow and /etc/hosts.deny files
• Try to make SSH connection using command line on the machine where JCS is running to the Unix endpoint using already generated private key and debug mode (ssh -v)