Re: Exporting Fsecure private key to OpenSSH
From: Kris Thielemans (kris.thielemans@ic.ac.uk)
Date: 04/07/03
- Previous message: B. Joshua Rosen: "Re: OpenSSH through a Firewall"
- In reply to: Neil W Rickert: "Re: Exporting Fsecure private key to OpenSSH"
- Next in thread: Kris Thielemans: "Re: Exporting Fsecure private key to OpenSSH"
- Reply: Kris Thielemans: "Re: Exporting Fsecure private key to OpenSSH"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Kris Thielemans" <kris.thielemans@ic.ac.uk> Date: Mon, 7 Apr 2003 00:10:49 +0100
Thanks Neil,
this almost worked...
I can indeed import the private key now into OpenSSH. Then doing an ssh -vvv
shows that ssh can now indeed read the private key. Unfortunately, the sshd
at the other side does not seem to accept it. I fall back to password
again... The relevant lines of the output of ssh -vvv are below.
debug1: next auth method to try is publickey
debug1: try privkey: /cygdrive/e/home/kris/.ssh/id_rsa
debug1: read PEM private key done: type RSA
debug3: sign_and_send_pubkey
debug2: we sent a publickey packet, wait for reply
debug1: authentications that can continue: publickey,password
debug1: try privkey: /cygdrive/e/home/kris/.ssh/id_dsa
debug3: no such identity: /cygdrive/e/home/kris/.ssh/id_dsa
debug2: we did not send a packet, disable method
Full output is again at the end of the post.
Any ideas?
Kris
Neil W Rickert <rickert+nn@cs.niu.edu> wrote in message
news:b6o7bo$l15$2@husk.cso.niu.edu...
> "Kris Thielemans" <kris.thielemans@ic.ac.uk> writes:
>
> >Now I would like to use cygwin's OpenSSH (version 3.5p1) but struggle
with
> >the key compatibility. I've found some similar questions in a websearch,
but
> >they all seemed to start of from generating the key using OpenSSH, and
then
> >exporting the public key using OpenSSH's "ssh-keygen -e ..." . Instead, I
> >would need to import the private key generated by FSecure. I can do this
for
> >the public key, but not for the private key:
>
> I haven't use FSecure ssh. But I assume it is similar to the ssh.com
> software.
>
> For that:
>
> Edit the private key with the SSH.COM software. Set the
> passphrase to empty.
>
> Then use the openssh ssh-keygen to convert the private
> key (just as you would the public key).
>
> This at least works on unix.
>
-------------------
$ ssh -vvv maxwell.irsl.org
OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090607f
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to maxwell.irsl.org [193.60.222.159] port 22.
debug1: Connection established.
debug1: identity file /cygdrive/e/home/kris/.ssh/identity type 0
debug3: Not a RSA1 key file /cygdrive/e/home/kris/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: no key found
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: no key found
debug1: identity file /cygdrive/e/home/kris/.ssh/id_rsa type -1
debug1: identity file /cygdrive/e/home/kris/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version 2.0.12 F-SECURE
SSH
debug1: match: 2.0.12 F-SECURE SSH pat 2.0.11*,2.0.12*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.5p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cb
c,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cb
c,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96
,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96
,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-dss
debug2: kex_parse_kexinit:
3des-cbc,cast128-cbc,blowfish-cbc,twofish-cbc,arcfour,none
debug2: kex_parse_kexinit:
3des-cbc,cast128-cbc,blowfish-cbc,twofish-cbc,arcfour,none
debug2: kex_parse_kexinit: hmac-md5,md5-8,none
debug2: kex_parse_kexinit: hmac-md5,md5-8,none
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client 3des-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server 3des-cbc hmac-md5 none
debug1: dh_gen_key: priv key bits set: 197/384
debug1: bits set: 499/1024
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug3: check_host_in_hostfile: filename
/cygdrive/e/home/kris/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: filename
/cygdrive/e/home/kris/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'maxwell.irsl.org' is known and matches the DSA host key.
debug1: Found key in /cygdrive/e/home/kris/.ssh/known_hosts:1
debug1: bits set: 522/1024
debug1: ssh_dss_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: buggy server: service_accept w/o service
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: next auth method to try is publickey
debug1: try privkey: /cygdrive/e/home/kris/.ssh/id_rsa
debug1: read PEM private key done: type RSA
debug3: sign_and_send_pubkey
debug2: we sent a publickey packet, wait for reply
debug1: authentications that can continue: publickey,password
debug1: try privkey: /cygdrive/e/home/kris/.ssh/id_dsa
debug3: no such identity: /cygdrive/e/home/kris/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: next auth method to try is password
kris@maxwell.irsl.org's password:
- Previous message: B. Joshua Rosen: "Re: OpenSSH through a Firewall"
- In reply to: Neil W Rickert: "Re: Exporting Fsecure private key to OpenSSH"
- Next in thread: Kris Thielemans: "Re: Exporting Fsecure private key to OpenSSH"
- Reply: Kris Thielemans: "Re: Exporting Fsecure private key to OpenSSH"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
