RE: OpenSSH connection Problem

From: Fontanez Martin (Fontanez.Martin_at_PBGC.GOV)
Date: 06/16/05

  • Next message: Price, Christopher: "RE: SSH with no crypt"
    Date: Thu, 16 Jun 2005 13:43:10 -0400
    To: "Muktheshwar Sharma" <Muktheshwar.Sharma@three.co.uk>, <secureshell@securityfocus.com>
    
    

    If you are trying to connect using public key authentication, the keys
    need to be converted:
    OpenSSH -> SSH2
    From OpenSSH, to SSH2
    Note that following the public key from OSSH will be on CSSH. Since,
    however, SSH2 cannot read an OpenSSH key we have to do a few
    modifications to the file.
    What we're doing How Where
    1. Convert SSH Public Key ssh-keygen -e -f <path to public key>
    OSSH
    2. Create the public key file on the SSH2 machine vi
    .ssh2/id_dsa.lnxcde01, then paste it in. CSSH
    3. Add Public Key to the list of keys echo "key id_dsa.OSSH" >>
    .ssh2/authorization CSSH
    NOTE: The default name of the private key on OSSH is id_dsa but the
    file name can be defined using the "identification" file.
    You can now ssh from OSSH to CSSH without a password. Ensure that no
    other user has access to your private key file (keep permissions at
    600). Public keys can (and should) be publicly available.

    Hope this helps.

    Martin

    -----Original Message-----
    From: Muktheshwar Sharma [mailto:Muktheshwar.Sharma@three.co.uk]
    Sent: Thursday, June 16, 2005 2:29 AM
    To: 'secureshell@securityfocus.com'
    Subject: FW: OpenSSH connection Problem

    Please could any one guide me.

    Regards
    Muktheshwar
    4th Line Support - Product Integration, 3
    Tel: 01628 765780
    Mobile: 07782329291
    <http://www.three.co.uk>

    -----Original Message-----
    From: Damien Miller [mailto:djm@mindrot.org]
    Sent: 16 June 2005 04:43
    To: Muktheshwar Sharma
    Cc: 'openssh@openssh.com'
    Subject: Re: OpenSSH connection Problem

    This is a list for bugs in the OpenBSD version of OpenSSH, not for
    general support queries. Please use the secureshell@securityfocus.com
    list for support issues.

    Muktheshwar Sharma wrote:
    > Hi,
    >
    > I am connecting using Openssh Version 3.8.x to a commercial version of
    sftp
    > via internet. I am getting the following problem
    >
    > chris@banshee:~$ sftp mxtel02@217.171.130.243
    > Connecting to 217.171.130.243...
    > Permission denied (publickey).
    > Couldn't read packet: Connection reset by peer chris@banshee:~$
    >
    >
    > I've got the key loaded into my ssh-agent and if I try with -vvvv then
    I
    > can see it's offering it:-
    >
    > debug1: Authentications that can continue: publickey
    > debug1: Offering public key: 3avkey
    > debug3: send_pubkey_test
    > debug2: we sent a publickey packet, wait for reply
    > debug1: Authentications that can continue: publickey
    >
    > Kindly advice what to do.
    >
    > Advance Thanks and Regards,
    > Muktheshwar
    >
    >
    >
    >
    ________________________________________________________________________
    >
    > This e-mail message (including any attachment) is intended only for
    the
    personal
    > use of the recipient(s) named above. This message is confidential and
    may
    be
    > legally privileged. If you are not an intended recipient, you may not
    review, copy or
    > distribute this message. If you have received this communication in
    error,
    please notify
    > us immediately by e-mail and delete the original message.
    >
    > Any views or opinions expressed in this message are those of the
    author
    only.
    > Furthermore, this message (including any attachment) does not create
    any
    legally
    > binding rights or obligations whatsoever, which may only be created by
    the
    exchange
    > of hard copy documents signed by a duly authorised representative of
    Hutchison
    > 3G UK Limited.
    >
    ________________________________________________________________________
    >

    ________________________________________________________________________

    This e-mail message (including any attachment) is intended only for the
    personal
    use of the recipient(s) named above. This message is confidential and
    may be
    legally privileged. If you are not an intended recipient, you may not
    review, copy or
    distribute this message. If you have received this communication in
    error, please notify
    us immediately by e-mail and delete the original message.

    Any views or opinions expressed in this message are those of the author
    only.
    Furthermore, this message (including any attachment) does not create any
    legally
    binding rights or obligations whatsoever, which may only be created by
    the exchange
    of hard copy documents signed by a duly authorised representative of
    Hutchison
    3G UK Limited.
    ________________________________________________________________________


  • Next message: Price, Christopher: "RE: SSH with no crypt"

    Relevant Pages

    • Re: F-Secure client talking to OpenSSH server
      ... You need to reformat the public key from SECSH format to the OpenSSH format. ... print the key in a `SECSH Public Key File Format' to stdout. ...
      (SSH)
    • Re: SSH - Direct login without password - Beginner Question
      ... > from trojan to atlantis directly without the root password request. ... Under openssh, the file to modify would be sshd_config ... non-root account on the target system to use the public key. ...
      (comp.unix.solaris)
    • RE: Help with OpenSSH -> SSH2 Server
      ... > Well in the past I copied the clients SSH formatted public key up to the ... > server and then ran the conversion on the server. ... > openssh DSA format. ...
      (SSH)
    • Re: Pseudo-terminal and OpenSSH
      ... Okay. ... I did suspect that OpenSSH did not need an pseudoterminal to work. ... You don't use public key authentication? ... > authentication and ssh-agent, or just private key without passphrase ...
      (comp.unix.programmer)
    • RE: need help with public keys
      ... You are probably giving them an OpenSSH format public key and they probably ... OpenSSH public keys are one line keys. ... If you are not the intended recipient, ...
      (SSH)