RE: Using public key pair to authenticate

Matthew.Dalton_at_rochester.edu
Date: 11/24/04

  • Next message: Greg Wooledge: "Re: Using public key pair to authenticate" 
    Date: Wed, 24 Nov 2004 11:45:49 -0500 (EST)
To: "Tay, Gary" <Gary_Tay@platts.com>

    Part of it has to do with the way that OpenSSH and SSH.com internally handle their keys. The default for OpenSSH is that the key is stored in authorized_keys in the .ssh directory with the following format:

    ssh-dss bunch_of_base64_encoded_key_junk user@example.com

    while ssh.com has a file in the .ssh2 directory called authorization that contains the following type of info:

    key PublicKey.pub

    where PublicKey.pub will be in the .ssh2 directory in the following format:

    ---- BEGIN SSH2 PUBLIC KEY ----
    Subject: your_subject
    Comment: "1024-bit dsa, user@example.com, Thu Dec 06 2001 14:22:13"
    bunch_of_base64_encoded_key_junk_with_line_breaks_at_every_seventy_fir
    st_column
    ---- END SSH2 PUBLIC KEY ----

    If you change the formatting around to correspond with these, that should work. At least, that's what I did, and it seemed to work for me.

    --Matthew Dalton

    On Wed, 24 Nov 2004, Tay, Gary wrote:

    > You may search SUN's BigAdmin portal or Google for "authorized_keys".
    > Some good ones:
    >
    > http://www.sun.com/bigadmin/features/articles/sec_shell_1.html
    > http://www.sun.com/bigadmin/features/articles/sec_shell_2.html
    >
    > Most people would start SSH server in debug mode, "sshd -d", and also
    > test ssh client connection using vervose mode, "ssh -v remotehost"
    >
    > Gary
    >
    > -----Original Message-----
    > From: Loo, Peter [mailto:Peter.Loo@bannerhealth.com]
    > Sent: Wednesday, November 24, 2004 7:58 AM
    > To: secureshell@securityfocus.com
    > Subject: Using public key pair to authenticate
    >
    >
    >
    > Hi,
    >
    > I am working with two Unix servers running AIX 5.2. One server is
    > running "OpenSSH_3.6.1p2-CERT-patched, SSH protocols 1.5/2.0, OpenSSL
    > 0x009060df" while the other is running "SSH Secure Shell 3.2.0".
    >
    > I created the key pair on the server with OpenSSH using "ssh-keygen". I
    > named the output files as (identity & identity.pub). Then I copied the
    > contents of "identity.pub" to the file named authorized_keys on the
    > server with "SSH Secure Shell 3.2.0".
    >
    > When I try connecting to the remote server, I am asked to type in the
    > password. Apparently the public key authentication method is not
    > working.
    >
    > Can someone shed some light for me?
    >
    > Thanks.
    >
    > Peter
    >
    >

  • Next message: Greg Wooledge: "Re: Using public key pair to authenticate"

    Relevant Pages

    • RE: Help with OpenSSH -> SSH2 Server
      ... > Well in the past I copied the clients SSH formatted public key up to the ... > server and then ran the conversion on the server. ... > openssh DSA format. ...
      (SSH)
    • Announce: OpenSSH 4.2 released
      ... OpenSSH 4.2 has just been released. ... implementation and includes sftp client and server support. ...
      (SSH)
    • Re: GSSAPI SSH WIN 2003
      ... OpenSSH does not have this flexibility. ... server that does; it is one of the most long-standing inadequacies of most ... used publickey authentication, for the simple reasons that it's ... > group will get Service ticket for my HP-UX box. ...
      (comp.security.ssh)
    • Announce: OpenSSH 4.3 released
      ... OpenSSH 4.3 has just been released. ... implementation and includes sftp client and server support. ...
      (SSH)
    • =?Utf-8?Q?DC_hin=C3=BCber_nach_=C3=84nderung_von_Pri?= =?Utf-8?Q?vilegien_=28OpenSSH_auf_Ser
      ... Server, zusammen bilden die eine AD Domäne ab. ... Jetzt versuche ich OpenSSH auf beiden zum Laufen zu bekommen. ... dass der Local System Account unter Windows Server 2003 nicht ... GPOs, da unsere GPO zuerst zieht und damit die Benutzer, die in den o.g. ...
      (microsoft.public.de.german.windows.server.general)