Re: Using existing keys

From: Roumen Petrov (openssh_at_roumenpetrov.info)
Date: 02/04/05

  • Next message: Atro Tossavainen: "Re: Problem compiling openssh 3.9p1 on HP-UX 10.20"
    Date: Fri, 04 Feb 2005 22:08:49 +0200
    To: Antony Gelberg <antony@antgel.co.uk>
    
    

    Hi Antony,

    You needed X.509 support for OpenSSH.
    Please visit my page http://roumenpetrov.info/openssh and download diff
    for appropriate OpenSSH version.

    Regards,
    Roumen Petrov

    Antony Gelberg wrote:

    > Hi all,
    >
    > We'd like to use certificates to ssh between machines in our network.
    > The machines concerned already have X.509 certificates and private keys
    > for use with openswan, and we would like to re-use these for ssh rather
    > than generate new ones with ssh-keygen.
    >
    > I think all the files are in the right places (id_rsa, id_rsa.pub on the
    > client, and a copy of the client public key in authorized_keys2).
    > According to the server debug, there is a problem with the client public
    > key in authorized_keys2. This was generated from the public key withthe
    > command openssl rsa -in privatekey.pem -pubout > publickey.pem
    >
    > I generated a keypair with ssh_keygen for comparison purposes and there
    > is a noticable difference in the format as follows.
    >
    > openssl-generated public key:
    >
    > -----BEGIN PUBLIC KEY-----
    > MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4qgs3e4dyFv5jPawn8iWjPmJT
    > sJ7NCyadt2nKB35mJp5evWlfrbILDSk0NqOjAiA/aDOcrH/QeCto8gzYOapv7KYd
    > Lb0cfsnz+qhdgBucLC7ZguyTyrfomreaRTPyxEof5/VOOQiAVYby+y9wdNXws+Xd
    > tIqUfvQ2df4kJIEaxQIDAQAB
    > -----END PUBLIC KEY-----
    >
    > ssh-keygen public key:
    >
    > ssh-rsa
    > AAAAB3NzaC1yc2EAAAABIwAAAIEA9Ue+YGFwbpVML+4pbGcYS8rsO0xNbT3uXTJNAs2M2KN7KZLZF6ATjzgzrPe3f0f9QIqarqylxmdH4Lkg1Fv4YtxzNdr4J0iiHBULJ9WlBXz1ax2F/tRocG8Yx7GX3JpGqd9FzcA24kC9gahb99/2rJLadGRRsO4rT20hf+zt4+8=
    >
    > root@geddy
    >
    > How can I get sshd to work with the former style of public key, or is
    > there any other workaround? We're using 3.8.1 on Linux at both ends.
    >
    > Antony


  • Next message: Atro Tossavainen: "Re: Problem compiling openssh 3.9p1 on HP-UX 10.20"

    Relevant Pages