Re: Using existing keys

From: Roumen Petrov (
Date: 02/04/05

  • Next message: Atro Tossavainen: "Re: Problem compiling openssh 3.9p1 on HP-UX 10.20"
    Date: Fri, 04 Feb 2005 22:08:49 +0200
    To: Antony Gelberg <>

    Hi Antony,

    You needed X.509 support for OpenSSH.
    Please visit my page and download diff
    for appropriate OpenSSH version.

    Roumen Petrov

    Antony Gelberg wrote:

    > Hi all,
    > We'd like to use certificates to ssh between machines in our network.
    > The machines concerned already have X.509 certificates and private keys
    > for use with openswan, and we would like to re-use these for ssh rather
    > than generate new ones with ssh-keygen.
    > I think all the files are in the right places (id_rsa, on the
    > client, and a copy of the client public key in authorized_keys2).
    > According to the server debug, there is a problem with the client public
    > key in authorized_keys2. This was generated from the public key withthe
    > command openssl rsa -in privatekey.pem -pubout > publickey.pem
    > I generated a keypair with ssh_keygen for comparison purposes and there
    > is a noticable difference in the format as follows.
    > openssl-generated public key:
    > -----BEGIN PUBLIC KEY-----
    > sJ7NCyadt2nKB35mJp5evWlfrbILDSk0NqOjAiA/aDOcrH/QeCto8gzYOapv7KYd
    > Lb0cfsnz+qhdgBucLC7ZguyTyrfomreaRTPyxEof5/VOOQiAVYby+y9wdNXws+Xd
    > tIqUfvQ2df4kJIEaxQIDAQAB
    > -----END PUBLIC KEY-----
    > ssh-keygen public key:
    > ssh-rsa
    > AAAAB3NzaC1yc2EAAAABIwAAAIEA9Ue+YGFwbpVML+4pbGcYS8rsO0xNbT3uXTJNAs2M2KN7KZLZF6ATjzgzrPe3f0f9QIqarqylxmdH4Lkg1Fv4YtxzNdr4J0iiHBULJ9WlBXz1ax2F/tRocG8Yx7GX3JpGqd9FzcA24kC9gahb99/2rJLadGRRsO4rT20hf+zt4+8=
    > root@geddy
    > How can I get sshd to work with the former style of public key, or is
    > there any other workaround? We're using 3.8.1 on Linux at both ends.
    > Antony

  • Next message: Atro Tossavainen: "Re: Problem compiling openssh 3.9p1 on HP-UX 10.20"