Re: Using existing keys

From: Roumen Petrov (openssh_at_roumenpetrov.info)
Date: 02/04/05

Next message: Atro Tossavainen: "Re: Problem compiling openssh 3.9p1 on HP-UX 10.20"

Previous message: Greg Wooledge: "Re: Problem compiling openssh 3.9p1 on HP-UX 10.20"
In reply to: Antony Gelberg: "Using existing keys"
Next in thread: Antony Gelberg: "Re: Using existing keys"
Reply: Antony Gelberg: "Re: Using existing keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 04 Feb 2005 22:08:49 +0200
To: Antony Gelberg <antony@antgel.co.uk>

Hi Antony,

You needed X.509 support for OpenSSH.
Please visit my page http://roumenpetrov.info/openssh and download diff
for appropriate OpenSSH version.

Regards,
Roumen Petrov

Antony Gelberg wrote:

> Hi all,
>
> We'd like to use certificates to ssh between machines in our network.
> The machines concerned already have X.509 certificates and private keys
> for use with openswan, and we would like to re-use these for ssh rather
> than generate new ones with ssh-keygen.
>
> I think all the files are in the right places (id_rsa, id_rsa.pub on the
> client, and a copy of the client public key in authorized_keys2).
> According to the server debug, there is a problem with the client public
> key in authorized_keys2. This was generated from the public key withthe
> command openssl rsa -in privatekey.pem -pubout > publickey.pem
>
> I generated a keypair with ssh_keygen for comparison purposes and there
> is a noticable difference in the format as follows.
>
> openssl-generated public key:
>
> -----BEGIN PUBLIC KEY-----
> MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4qgs3e4dyFv5jPawn8iWjPmJT
> sJ7NCyadt2nKB35mJp5evWlfrbILDSk0NqOjAiA/aDOcrH/QeCto8gzYOapv7KYd
> Lb0cfsnz+qhdgBucLC7ZguyTyrfomreaRTPyxEof5/VOOQiAVYby+y9wdNXws+Xd
> tIqUfvQ2df4kJIEaxQIDAQAB
> -----END PUBLIC KEY-----
>
> ssh-keygen public key:
>
> ssh-rsa
> AAAAB3NzaC1yc2EAAAABIwAAAIEA9Ue+YGFwbpVML+4pbGcYS8rsO0xNbT3uXTJNAs2M2KN7KZLZF6ATjzgzrPe3f0f9QIqarqylxmdH4Lkg1Fv4YtxzNdr4J0iiHBULJ9WlBXz1ax2F/tRocG8Yx7GX3JpGqd9FzcA24kC9gahb99/2rJLadGRRsO4rT20hf+zt4+8=
>
> root@geddy
>
> How can I get sshd to work with the former style of public key, or is
> there any other workaround? We're using 3.8.1 on Linux at both ends.
>
> Antony

Next message: Atro Tossavainen: "Re: Problem compiling openssh 3.9p1 on HP-UX 10.20"

Previous message: Greg Wooledge: "Re: Problem compiling openssh 3.9p1 on HP-UX 10.20"
In reply to: Antony Gelberg: "Using existing keys"
Next in thread: Antony Gelberg: "Re: Using existing keys"
Reply: Antony Gelberg: "Re: Using existing keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: probs with openssh(hpux) <==> ssh(win-nt)
... on the client side, we have have openssh ... "SSH and OpenSSH use different public key file formats" ...
(comp.security.ssh)
openssh server doesnt connect to ssh client
... private key and copied the public key to various servers in the prescribed ... I've had no problems accessing these remote servers, ... is a solaris webhost server running ssh. ... My openssh version is OpenSSH_2.5.2p2. ...
(comp.security.ssh)
Re: sftp non interactive session
... the default name for the public key of the type 'dsa', ... If you use the ssh from www.ssh.com, rather than openssh, then there ...
(comp.unix.solaris)
Re: pubkey authentication problem redhat linux openssh 2.9p2-12
... I am using the SSH Secure Shell Cient for Windows to log into OpenSSH on my ... Linux box. ... Upload the public key to server. ...
(comp.security.ssh)
RE: OpenSSH connection Problem
... From OpenSSH, to SSH2 ... Note that following the public key from OSSH will be on CSSH. ... If you are not an intended recipient, ...
(SSH)