Re: Exporting Fsecure private key to OpenSSH

From: Kris Thielemans (kris.thielemans@ic.ac.uk)
Date: 04/07/03

  • Next message: Kris Thielemans: "Re: Exporting Fsecure private key to OpenSSH"
    From: "Kris Thielemans" <kris.thielemans@ic.ac.uk>
    Date: Mon, 7 Apr 2003 00:10:49 +0100
    
    

    Thanks Neil,

    this almost worked...
    I can indeed import the private key now into OpenSSH. Then doing an ssh -vvv
    shows that ssh can now indeed read the private key. Unfortunately, the sshd
    at the other side does not seem to accept it. I fall back to password
    again... The relevant lines of the output of ssh -vvv are below.

    debug1: next auth method to try is publickey
    debug1: try privkey: /cygdrive/e/home/kris/.ssh/id_rsa
    debug1: read PEM private key done: type RSA
    debug3: sign_and_send_pubkey
    debug2: we sent a publickey packet, wait for reply
    debug1: authentications that can continue: publickey,password
    debug1: try privkey: /cygdrive/e/home/kris/.ssh/id_dsa
    debug3: no such identity: /cygdrive/e/home/kris/.ssh/id_dsa
    debug2: we did not send a packet, disable method

    Full output is again at the end of the post.

    Any ideas?

    Kris

    Neil W Rickert <rickert+nn@cs.niu.edu> wrote in message
    news:b6o7bo$l15$2@husk.cso.niu.edu...
    > "Kris Thielemans" <kris.thielemans@ic.ac.uk> writes:
    >
    > >Now I would like to use cygwin's OpenSSH (version 3.5p1) but struggle
    with
    > >the key compatibility. I've found some similar questions in a websearch,
    but
    > >they all seemed to start of from generating the key using OpenSSH, and
    then
    > >exporting the public key using OpenSSH's "ssh-keygen -e ..." . Instead, I
    > >would need to import the private key generated by FSecure. I can do this
    for
    > >the public key, but not for the private key:
    >
    > I haven't use FSecure ssh. But I assume it is similar to the ssh.com
    > software.
    >
    > For that:
    >
    > Edit the private key with the SSH.COM software. Set the
    > passphrase to empty.
    >
    > Then use the openssh ssh-keygen to convert the private
    > key (just as you would the public key).
    >
    > This at least works on unix.
    >

    -------------------
    $ ssh -vvv maxwell.irsl.org
    OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090607f
    debug1: Rhosts Authentication disabled, originating port will not be
    trusted.
    debug1: ssh_connect: needpriv 0
    debug1: Connecting to maxwell.irsl.org [193.60.222.159] port 22.
    debug1: Connection established.
    debug1: identity file /cygdrive/e/home/kris/.ssh/identity type 0
    debug3: Not a RSA1 key file /cygdrive/e/home/kris/.ssh/id_rsa.
    debug2: key_type_from_name: unknown key type '-----BEGIN'
    debug3: key_read: no key found
    debug3: key_read: no space
    debug3: key_read: no space
    debug3: key_read: no space
    debug3: key_read: no space
    debug3: key_read: no space
    debug3: key_read: no space
    debug3: key_read: no space
    debug3: key_read: no space
    debug3: key_read: no space
    debug3: key_read: no space
    debug3: key_read: no space
    debug3: key_read: no space
    debug3: key_read: no space
    debug2: key_type_from_name: unknown key type '-----END'
    debug3: key_read: no key found
    debug1: identity file /cygdrive/e/home/kris/.ssh/id_rsa type -1
    debug1: identity file /cygdrive/e/home/kris/.ssh/id_dsa type -1
    debug1: Remote protocol version 2.0, remote software version 2.0.12 F-SECURE
    SSH
    debug1: match: 2.0.12 F-SECURE SSH pat 2.0.11*,2.0.12*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_3.5p1
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug2: kex_parse_kexinit:
    diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit:
    aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cb
    c,rijndael-cbc@lysator.liu.se
    debug2: kex_parse_kexinit:
    aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cb
    c,rijndael-cbc@lysator.liu.se
    debug2: kex_parse_kexinit:
    hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96
    ,hmac-md5-96
    debug2: kex_parse_kexinit:
    hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96
    ,hmac-md5-96
    debug2: kex_parse_kexinit: none,zlib
    debug2: kex_parse_kexinit: none,zlib
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: ssh-dss
    debug2: kex_parse_kexinit:
    3des-cbc,cast128-cbc,blowfish-cbc,twofish-cbc,arcfour,none
    debug2: kex_parse_kexinit:
    3des-cbc,cast128-cbc,blowfish-cbc,twofish-cbc,arcfour,none
    debug2: kex_parse_kexinit: hmac-md5,md5-8,none
    debug2: kex_parse_kexinit: hmac-md5,md5-8,none
    debug2: kex_parse_kexinit: none,zlib
    debug2: kex_parse_kexinit: none,zlib
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: mac_init: found hmac-md5
    debug1: kex: server->client 3des-cbc hmac-md5 none
    debug2: mac_init: found hmac-md5
    debug1: kex: client->server 3des-cbc hmac-md5 none
    debug1: dh_gen_key: priv key bits set: 197/384
    debug1: bits set: 499/1024
    debug1: sending SSH2_MSG_KEXDH_INIT
    debug1: expecting SSH2_MSG_KEXDH_REPLY
    debug3: check_host_in_hostfile: filename
    /cygdrive/e/home/kris/.ssh/known_hosts
    debug3: check_host_in_hostfile: match line 1
    debug3: check_host_in_hostfile: filename
    /cygdrive/e/home/kris/.ssh/known_hosts
    debug3: check_host_in_hostfile: match line 1
    debug1: Host 'maxwell.irsl.org' is known and matches the DSA host key.
    debug1: Found key in /cygdrive/e/home/kris/.ssh/known_hosts:1
    debug1: bits set: 522/1024
    debug1: ssh_dss_verify: signature correct
    debug1: kex_derive_keys
    debug1: newkeys: mode 1
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: waiting for SSH2_MSG_NEWKEYS
    debug1: newkeys: mode 0
    debug1: SSH2_MSG_NEWKEYS received
    debug1: done: ssh_kex2.
    debug1: send SSH2_MSG_SERVICE_REQUEST
    debug1: buggy server: service_accept w/o service
    debug1: got SSH2_MSG_SERVICE_ACCEPT
    debug1: authentications that can continue: publickey,password
    debug3: start over, passed a different list publickey,password
    debug3: preferred publickey,keyboard-interactive,password
    debug3: authmethod_lookup publickey
    debug3: remaining preferred: keyboard-interactive,password
    debug3: authmethod_is_enabled publickey
    debug1: next auth method to try is publickey
    debug1: try privkey: /cygdrive/e/home/kris/.ssh/id_rsa
    debug1: read PEM private key done: type RSA
    debug3: sign_and_send_pubkey
    debug2: we sent a publickey packet, wait for reply
    debug1: authentications that can continue: publickey,password
    debug1: try privkey: /cygdrive/e/home/kris/.ssh/id_dsa
    debug3: no such identity: /cygdrive/e/home/kris/.ssh/id_dsa
    debug2: we did not send a packet, disable method
    debug3: authmethod_lookup password
    debug3: remaining preferred: ,password
    debug3: authmethod_is_enabled password
    debug1: next auth method to try is password
    kris@maxwell.irsl.org's password:


  • Next message: Kris Thielemans: "Re: Exporting Fsecure private key to OpenSSH"

    Relevant Pages