RE: SSH with OpenSSH and Putty - Please Help!

• Previous message: James Kirkpatrick: "Problems setting up sshd"
• Maybe in reply to: Armour, Aaron J (BearingPoint): "SSH with OpenSSH and Putty - Please Help!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "'Armour, Aaron J (BearingPoint)'" <aarmour@bearingpoint.net>, "'secureshell@securityfocus.com'" <secureshell@securityfocus.com>
Date: Tue, 2 Mar 2004 10:31:33 -0800 

(note to all...I hate outlook)

-- 
OK.  I deleted all my keys on the server and locally.  I generated a key
pair, copied the public key to the files of authorized_keys and
authorized_keys2 in a the /.ssh/ directory on my server.  I used keys and
keys2 because some internet info says to name the file keys and some says
keys2.  So then I loaded the private key into Pagent and it was running in
Pagent and then I tried to connect via Putty and I got the same thing.  It
will sync up the private keys, but something is not right with the public
keys it still appears.  After the output says that it likes the private key
match, the client then sends their public key to the server and the server
does not take it.  Maybe it's a user issue.  I try to login as me on the
server via ssh through Putty, let's say my username is ajarmour, but I don't
have anything in my home directory at all on the server.  Do I need to? 
-- new comments
Yup.  You need to put the authorized_keys[2] in each home directory under
the .ssh directory.  If you are root, then you need them in the /root/.ssh.
If you login as ajarmour then you need them in /home/ajarmour/.ssh (assuming
your users' home directory are in /home).  
You can also make the authorized_keys file a symlink to authorized_keys2.
I've found that in times past this hasn't caused me problems.  You might
also want to force the server to protocol 2 by disabling protocol 1.  Thats
done with the Protocol directive in the config file.
-- stop new comments
I am root on this server and I do everything as root, but I don't want to
allow root login, so do I need an /.ssh directory in my ajarmour home
directory?  The authorized_keys files that I have on the server are in the
/.ssh/ directory, not the /ajarmour/.ssh/ directory, but should they be?
Maybe this is the problem or maybe it's that I need to convert the key with
the Export OpenSSH tool in PuttyGen?  Here is the putty.log output again:
-- new comments
You do need to export the key from OpenSSH's key with puttygen.  But this is
only for the public key that you bring over from the server to the machine
which you are using putty.
So, to recap:
On the server that you are running OpenSSH that you are trying to make a
key-based authenticated connection you need a public key properly put into
the authorized_keys[2] (meaning authorized_keys and authorized_keys2) files.
Those files are placed in $HOME/.ssh/ where $HOME is the home directory that
each user logs in under.  I usually just cat the id_dsa.pub file to
authorized_keys[2]
example:
$ ssh-keygen -b 1024 -t dsa
(follow prompts)
$ cd $HOME/.ssh/
$ cat id_dsa.pub >> authorized_keys2
$ ln -s authorized_keys2 authorized_keys
Then, you need to have the private key file that was created when you
generated your openssh key pair on the server copied over to your windows
machine.  Then you need to use the puttygen tool to convert that key over to
a putty key.  My memory is old on the putty part but the documentation for
putty in that regard is good so you should be able to do that part pretty
easily.
On windows:
C:\> pscp user@host.with.key:.ssh/id_dsa c:\
(or ftp or send file to yourself as an attachment from your linux machine)
(follow prompts)
C:\> puttygen (switches to convert key to putty key).
You might need both the private key and the public key to do the conversion
but I doubt it.  I just don't remember.
After that, it should work.  If I missed anything please let me know.
- Jim

• Previous message: James Kirkpatrick: "Problems setting up sshd"
• Maybe in reply to: Armour, Aaron J (BearingPoint): "SSH with OpenSSH and Putty - Please Help!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]