RE: public key authentication client both on windows and linux

From: Bryan McAninch (bryan_at_mcaninch.org)
Date: 10/31/05

  • Next message: drobinson: "SFTP"
    To: <secureshell@securityfocus.com>
    Date: Mon, 31 Oct 2005 09:55:22 -0600
    
    
    

    I had this same problem...

    As a workaround, I created two partitions on my USB drive for each
    filesystem. Windows makes this procedure is a little tricky though, since it
    fails to recognize Linux partitions. So, first fdisk the USB drive in Linux,
    creating two partitions. Make the first partition type HPFS/NTFS and the
    second partition type Linux. Insert the USB drive into your Windows box and
    format the first (and only recognizable) partition with NTFS filesystem.
    Unplug / re-insert the USB drive into your Linux box and mkfs.ext2 the
    second partition.

    Cheers,
    Bryan

    -----Original Message-----
    From: Dolf Andringa [mailto:dolf.andringa@elcyion.nl]
    Sent: Sunday, October 30, 2005 11:30 AM
    To: secureshell@securityfocus.com
    Subject: public key authentication client both on windows and linux

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    HI all,

    I've got a question about using public key authentication. I've been
    looking on the maling list archives and FAQ, and it's probabely me, but
    I can't find an answer to this question. Sorry if I am the 1000th person
    asking this question, I know that's annoying, but I can't find the answer.

    I'm using public key authentication to access some servers through ssh.
    I put my private key on a usb memory stick cause I need to access the
    servers from different locations (when on holiday, from my home, from my
    office, etc). I've password protected the private key with a very long
    passphrase which is virtually unguessable. To be able to access the
    private key from multiple OS'es, the fs of the memorystick is fat16.
    Fat16 does not support any rights on files, so mounted on linux, all
    files have 0755 permissions. The ssh client doesn't accept private keys
    with 0755 permissions though. Setting -o StrictModes=no when invoking
    the client does not seem to work (bad configuration option).
    Is there any way around this? If there is not, it would mean it is
    impossible to use public key authentication from multiple locations
    since memorysticks have to be formatted in fat16 to be able to use it on
    multiple OS'es.

    Even if I would format the memorystick with a ext3 fs, which would make
    it useless on windows, the problem would still persist. UID's accross
    multiple linux machines are never the same. Having the private key owned
    by some user with mode 600 would make it useless on another system since
    the same uid probabely belongs to another user on that machine.

    I hope somebody can help me with this problem, thanks for you patience.
    Cheers,

    Dolf.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.2 (GNU/Linux)
    Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

    iD8DBQFDZQMJKaTTNeXBMakRApWqAJ0Qoh2rNq1YVbg7htGpkbzY/oISogCfemCG
    Y2mgCUzEusa1ln7Yg/d82K4=
    =nQ7L
    -----END PGP SIGNATURE-----

    
    



  • Next message: drobinson: "SFTP"

    Relevant Pages