RE: SSH with OpenSSH and Putty - Please Help!

From: Jim Conner (jconner_at_lrn.com)
Date: 03/02/04

  • Next message: peter.kielbasiewicz_at_philips.com: "bug in patch text http://www.openssh.com/txt/buffer.adv"
    To: "'Armour, Aaron J (BearingPoint)'" <aarmour@bearingpoint.net>, "'secureshell@securityfocus.com'" <secureshell@securityfocus.com>
    Date: Tue, 2 Mar 2004 10:31:33 -0800 
    
    

    (note to all...I hate outlook)

    -- 
    OK.  I deleted all my keys on the server and locally.  I generated a key
    pair, copied the public key to the files of authorized_keys and
    authorized_keys2 in a the /.ssh/ directory on my server.  I used keys and
    keys2 because some internet info says to name the file keys and some says
    keys2.  So then I loaded the private key into Pagent and it was running in
    Pagent and then I tried to connect via Putty and I got the same thing.  It
    will sync up the private keys, but something is not right with the public
    keys it still appears.  After the output says that it likes the private key
    match, the client then sends their public key to the server and the server
    does not take it.  Maybe it's a user issue.  I try to login as me on the
    server via ssh through Putty, let's say my username is ajarmour, but I don't
    have anything in my home directory at all on the server.  Do I need to? 
    -- new comments
    Yup.  You need to put the authorized_keys[2] in each home directory under
    the .ssh directory.  If you are root, then you need them in the /root/.ssh.
    If you login as ajarmour then you need them in /home/ajarmour/.ssh (assuming
    your users' home directory are in /home).  
    You can also make the authorized_keys file a symlink to authorized_keys2.
    I've found that in times past this hasn't caused me problems.  You might
    also want to force the server to protocol 2 by disabling protocol 1.  Thats
    done with the Protocol directive in the config file.
    -- stop new comments
    I am root on this server and I do everything as root, but I don't want to
    allow root login, so do I need an /.ssh directory in my ajarmour home
    directory?  The authorized_keys files that I have on the server are in the
    /.ssh/ directory, not the /ajarmour/.ssh/ directory, but should they be?
    Maybe this is the problem or maybe it's that I need to convert the key with
    the Export OpenSSH tool in PuttyGen?  Here is the putty.log output again:
    -- new comments
    You do need to export the key from OpenSSH's key with puttygen.  But this is
    only for the public key that you bring over from the server to the machine
    which you are using putty.
    So, to recap:
    On the server that you are running OpenSSH that you are trying to make a
    key-based authenticated connection you need a public key properly put into
    the authorized_keys[2] (meaning authorized_keys and authorized_keys2) files.
    Those files are placed in $HOME/.ssh/ where $HOME is the home directory that
    each user logs in under.  I usually just cat the id_dsa.pub file to
    authorized_keys[2]
    example:
    $ ssh-keygen -b 1024 -t dsa
    (follow prompts)
    $ cd $HOME/.ssh/
    $ cat id_dsa.pub >> authorized_keys2
    $ ln -s authorized_keys2 authorized_keys
    Then, you need to have the private key file that was created when you
    generated your openssh key pair on the server copied over to your windows
    machine.  Then you need to use the puttygen tool to convert that key over to
    a putty key.  My memory is old on the putty part but the documentation for
    putty in that regard is good so you should be able to do that part pretty
    easily.
    On windows:
    C:\> pscp user@host.with.key:.ssh/id_dsa c:\
    (or ftp or send file to yourself as an attachment from your linux machine)
    (follow prompts)
    C:\> puttygen (switches to convert key to putty key).
    You might need both the private key and the public key to do the conversion
    but I doubt it.  I just don't remember.
    After that, it should work.  If I missed anything please let me know.
    - Jim
    

  • Next message: peter.kielbasiewicz_at_philips.com: "bug in patch text http://www.openssh.com/txt/buffer.adv"

    Relevant Pages

    • help desperately needed for using PuTTY
      ... I saved the private key in my pc and pasted the ... Server refused our key ... Various forms of this error are printed in the PuTTY window, ... If you see one of these messages, it means that PuTTY has sent a public key ...
      (comp.security.ssh)
    • Re: TIPS FOR THE NEWCOMER
      ... As long as the private key is readable by the ssh client when it comes ... When the ssh client connects to the server, ... private key which matches the public key. ...
      (SSH)
    • Re: Help! Public key stopped working w/putty
      ... We finally solved the problem ourselves -- my home directory gave the ... home directory permissions to 700), ... > to the Linux box (running OpenSSH server). ... >, Putty insists on asking me ...
      (comp.security.ssh)
    • Re: Help! Public key stopped working w/putty
      ... We finally solved the problem ourselves -- my home directory gave the ... home directory permissions to 700), ... > to the Linux box (running OpenSSH server). ... >, Putty insists on asking me ...
      (comp.security.ssh)
    • PuTTY: Server refused our public key
      ... I'm trying to use putty to connect to a remout server. ... first time I'm doing it so I'm not sure if I'm doing it the right way. ... On the Linux server how do I know what version of ssh is running? ... public and private keys and copied the public key over to known_hosts ...
      (comp.security.ssh)