RE: Help with OpenSSH -> SSH2 Server

From: Andrew n marshall (invysibleman_at_yahoo.com)
Date: 05/16/03

  • Next message: Martin Ferdinand R Magat: "RE: sftp on OS390 mainframe"
    Date: Thu, 15 May 2003 16:47:42 -0700 (PDT)
    To: "Rochford, Paul" <Paul.Rochford@itsis.ie>
    
    

    --- "Rochford, Paul" <Paul.Rochford@itsis.ie> wrote:
    >
    > Well in the past I copied the clients SSH formatted public key up to the
    > server and then ran the conversion on the server.
    >
    > ssh-keygen -i (input file) > (output file) .. Converts openssh DSS key
    > to
    > openssh DSA format.
    >
    > I think ssh-keygen -e (input file) > (output file) will do the reverse,
    > i.e. convert your openssh public key to ssh.com format

    I feel confused at what you are trying to tell me. Don't I want convert
    the OpenSSH public key into an ssh.com format key for the server? And if
    so, I feel like I'm doing exactly that, using ssh-keygen -e under OpenSSH
    (i.e., on the client machine).

    Is there something wrong you see in my proceedure below?

    Anm

    > -----Original Message-----
    > From: Andrew n marshall [mailto:invysibleman@yahoo.com]
    > Sent: 15 May 2003 05:09
    > To: Rochford, Paul
    > Cc: secureshell@securityfocus.com
    > Subject: RE: Help with OpenSSH -> SSH2 Server
    >
    >
    >
    > Isn't that what this does:
    > client:~/ > ssh-keygen -e -f .ssh/id_dsa.pub > .ssh/client_dsa.pub.txt
    >
    >
    > Anm
    >
    > --- "Rochford, Paul" <Paul.Rochford@itsis.ie> wrote:
    > > I think you need to convert your SSH keys to openssh format.
    > >
    > > -----Original Message-----
    > > From: Andrew n marshall [mailto:invysibleman@yahoo.com]
    > > Sent: 14 May 2003 19:03
    > > To: secureshell@securityfocus.com
    > > Subject: Help with OpenSSH -> SSH2 Server
    > >
    > >
    > >
    > > Using an OpenSSH client, I am trying to log into a machine using SSH
    > > Secure Shell 2.4.0 server without success. I've tried the following
    > > client platform OpenSSH combinations:
    > > Mac OS X using OpenSSH_3.5p1 (from fink)
    > > Linux box using OpenSSH_3.4p1 Debian 1:3.4p1-1
    > > SGI using OpenSSH_3.5p1
    > > To prepare the key this is what I do:
    > > client:~/ > ssh-keygen -t dsa
    > > Generating public/private dsa key pair.
    > > Enter file in which to save the key (/Users/amarshal/.ssh/id_dsa):
    > > Enter passphrase (empty for no passphrase):
    > > Enter same passphrase again:
    > > Your identification has been saved in /Users/amarshal/.ssh/id_dsa.
    > > Your public key has been saved in /Users/amarshal/.ssh/id_dsa.pub.
    > > The key fingerprint is:
    > > 6f:32:e8:3e:3f:e9:70:99:00:79:44:c9:5d:3d:5a:a1
    > > amarshal@Collimodel.local.
    > > client:~/ > ssh-keygen -e -f .ssh/id_dsa.pub >
    > > .ssh/client_dsa.pub.txt
    > >
    > > I then copy client_dsa.pub.txt to the server as ~/.ssh2/client.pub,
    > and
    > > add the line
    > > Key client.pub
    > > to the file ~/.ssh2/authorization
    > >
    > > Despite doing this, I get the following from all three systems
    > > client:~/ > ssh server
    > > Permission denied (publickey).
    > > client:~/ > ssh -i .ssh/id_dsa server
    > > Permission denied (publickey).
    > >
    > > I had exactly the same results using rsa1 keys. Any and all help is
    > > appreciated.
    > >
    > >
    > > Anm
    > >
    > >
    > > ********************************************************************
    > > This email and any files transmitted with it are confidential and
    > > intended solely for the use of the individual or entity to whom they
    >
    > > are addressed. If you have received this email in error please
    > > notify us immediately at MailMonitor@isismail.ie and delete this
    > E-mail
    > > from your system. Thank you.
    > > It is possible for data transmitted by email to be deliberately or
    > > accidentally corrupted or intercepted. For this reason, where the
    > > communication is by email, the Bank of Ireland Group does not accept
    > > any responsibility for any breach of confidence which may arise
    > > through the use of this medium.
    > > This footnote also confirms that this email message has been swept
    > > for the presence of known computer viruses.
    > > ********************************************************************
    > >
    > >
    >
    >
    > __________________________________
    > Do you Yahoo!?
    > The New Yahoo! Search - Faster. Easier. Bingo.
    > http://search.yahoo.com
    >
    >
    > ********************************************************************
    > This email and any files transmitted with it are confidential and
    > intended solely for the use of the individual or entity to whom they
    > are addressed. If you have received this email in error please
    > notify us immediately at MailMonitor@isismail.ie and delete this E-mail
    > from your system. Thank you.
    > It is possible for data transmitted by email to be deliberately or
    > accidentally corrupted or intercepted. For this reason, where the
    > communication is by email, the Bank of Ireland Group does not accept
    > any responsibility for any breach of confidence which may arise
    > through the use of this medium.
    > This footnote also confirms that this email message has been swept
    > for the presence of known computer viruses.
    > ********************************************************************
    >
    >

    __________________________________
    Do you Yahoo!?
    The New Yahoo! Search - Faster. Easier. Bingo.
    http://search.yahoo.com


  • Next message: Martin Ferdinand R Magat: "RE: sftp on OS390 mainframe"

    Relevant Pages

    • Re: F-Secure client talking to OpenSSH server
      ... You need to reformat the public key from SECSH format to the OpenSSH format. ... print the key in a `SECSH Public Key File Format' to stdout. ...
      (SSH)
    • Re: sftp Authentication Issue (Unix to Windows)
      ... KnowledgeBase article, ID 31930, posted on the ssh support website ... Now that you have uploaded the public key to the OpenSSH server, ... you must convert the public key format from SecSH (the format ...
      (comp.security.ssh)
    • RE: Using public key pair to authenticate
      ... Part of it has to do with the way that OpenSSH and SSH.com internally handle their keys. ... The default for OpenSSH is that the key is stored in authorized_keys in the .ssh directory with the following format: ... while ssh.com has a file in the .ssh2 directory called authorization that contains the following type of info: ... > When I try connecting to the remote server, I am asked to type in the ...
      (SSH)
    • RE: F-Secure client talking to OpenSSH server
      ... are not compatible but you should be able to convert the public key to ... an OpenSSH compatible format. ... F-Secure client talking to OpenSSH server ... I need to let one server running Solaris 5.6 and F-Secure SSH 3.0.1 ...
      (SSH)
    • Re: OpenSSH Password Authencation with SSH2 server
      ... I had put the OpenSSH format Public Key File on the sever. ... > For OpenSSH Password Authencation with a SSH2 server I did the following: ... > debug1: Connection established. ...
      (comp.security.ssh)