Re: SSH Key Authentication Problem
From: David (spam_at_nospam.com)
Date: 05/21/03
- Next message: Mike: "Re: no pwd prompt no ssh-agent"
- Previous message: Neil W Rickert: "Re: Can cron jobs share ssh-agent?"
- In reply to: IVANYI Ivan: "Re: SSH Key Authentication Problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 21 May 2003 13:22:14 +0100
I got it working now.
I started over from scratch by deleting my keys off my linux server and off
the windows client.
I then generated a new key pair in the windows client, uploaded it to the
linux server, and ran the command you told me to use.
I can now successfully loginto my linux server from the windows client using
my newly generated keys.
The contents of my .ssh and .ssh2 folders are now:
[david@altair david]$ ll .ssh
total 8
-rw-rw-r-- 1 david david 213 May 21 13:06 authorized_keys2
-rw-r--r-- 1 david david 1863 May 16 00:05 known_hosts
[david@altair david]$ ll .ssh2
total 8
-rw-r--r-- 1 david david 345 May 21 12:58 altair.pub
-rw-r--r-- 1 david david 15 May 21 12:58 authorization
[david@altair david]$
I now can't loginto my linux server from another linux client using my
windows generated private key presumably because it is in the wrong format.
How do I convert my windows generated private key so linux can read it? I
tried using the command to convert the public key but I got this error:
$ ssh-keygen -X -f ~/.ssh/winprivkey > ~/.ssh/privkey
unsupported cipher 3des-cbc
decode blob failed.
- David
----- Original Message -----
From: "IVANYI Ivan" <ivan.ivanyi@isb-sib.ch>
To: "David Bull" <dpbull@essex.ac.uk>
Sent: Wednesday, May 21, 2003 12:51 PM
Subject: Re: SSH Key Authentication Problem
> the .ssh2 folder is the default for commercial ssh (ssh.com) keys and
> configuration files. .ssh for OpenSSH of course...
>
> normally if you've connected from windows with the Commercial ssh client
you
> have an option in the menus to upload the key (doesn't matter but it would
have
> put it in .ssh2)
>
>
> have you tried running the command? on my redhat 8... OpenSSH_3.4p1, SSH
> protocols 1.5/2.0
>
> neither the man nor the help show the -X option of ssh-keygen but it does
exist....
>
> the -X option basically converts the key the was generated for SSH
Commercial to
> work with OpenSSH... not sure about the specifics... can't remember as a
long
> time ago I setup a web page for myself to remind me about the different
ways of
> doing key authentication between different versions of SSH...
>
> David Bull wrote:
> > My keys are all stored in ~/.ssh and I have no ~/.ssh2 folder.
> > Also, the -X option for ssh-keygen doesn't seem to exist, at least with
my
> > copy of ssh-keygen.
> > What is that command supposed to do?
> >
> >
> > ----- Original Message -----
> > From: "IVANYI Ivan" <ivan.ivanyi@isb-sib.ch>
> > Newsgroups: comp.security.ssh
> > Sent: Tuesday, May 20, 2003 3:21 PM
> > Subject: Re: SSH Key Authentication Problem
> >
> >
> >
> >>on the linux server run this command...
> >>
> >>ssh-keygen -X -f ~/.ssh2/my_pub_key.pub > ~/.ssh/authorized_keys2
> >>
> >>
> >>David wrote:
> >>
> >>>Hi,
> >>>I have a Linux Server running Mandrake 9.0 on the end of a broadband
> >>>connection behind a firewall. I have opened up the SSH port so I can
> >
> > access
> >
> >>>the machine when I am elsewhere. Currently I am using passwords to
> >>>authenticate with the server, but I would like to turn this off and
just
> >
> > use
> >
> >>>key authentication.
> >>>
> >>>The version of SSH running on the linux box is:
> >>>$ ssh -V
> >>>OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090607f
> >>>
> >>>I have generated my private and public keys by using
> >>>$ ssh-keygen -t rsa
> >>>The filenames for the keys were identity and identity.pub.
> >>>I then copied my public key (identity.pub) to authorized_keys2.
> >>>
> >>>The contents of my .ssh folder is now:
> >>>-rw-r--r-- 1 david david 229 May 19 14:29
authorized_keys2
> >>>-rw------- 1 david david 951 May 19 14:42 identity
> >>>-rw-r--r-- 1 david david 229 May 19 14:29 identity.pub
> >>>-rw-r--r-- 1 david david 1863 May 16 00:05 known_hosts
> >>>
> >>>From any Linux machine which has my private key in the .ssh folder I
can
> >>>sucesfully log into my Linux server using the SSH keys and my
> >
> > passphrase.
> >
> >>>So far so good.
> >>>
> >>>My problem occurs when I try and log into my linux server using a
> >
> > Windows
> >
> >>>SSH client. My main Windows SSH client is the one from ssh.com:
> >>>C:\>ssh2 -V
> >>>SSH Secure Shell 3.2.3 Windows Client
> >>>Product: SSH Secure Shell for Workstations
> >>>This is the output from the command-line verision of SSH although I
> >
> > normally
> >
> >>>use the GUI.
> >>>
> >>>I have copied my private and public key from my linux server and placed
> >
> > it
> >
> >>>in the userkeys folder of the windows ssh client, but when I connect my
> >>>client gives the error:
> >>>Failed to read your public key file "C:\Document and
> >>>Settings\David\Application Data\SSH\UserKeys\identity.pub".
> >>>and then resorts back to password authentication.
> >>>
> >>>Upon further investigation I noticed that when I generate keys with the
> >>>Windows SSH client, the format of both the private and public key files
> >
> > are
> >
> >>>different to the ones generated by ssh-keygen under Linux.
> >>>
> >>>I tried placing the keys generated by the Windows client on the Linux
> >
> > server
> >
> >>>but then the key authentication fails completely both when logging in
> >
> > from
> >
> >>>another Linux client and from Windows.
> >>>
> >>>I then put the Linux generated keys back onto the Linux server so
> >
> > everything
> >
> >>>was back as it was. I coped the keys off the Linux server and placed
> >
> > them in
> >
> >>>the UserKeys folder of my Windows SSH client as before, but this time I
> >>>modified the format of the key files so they were the same as the
format
> >
> > of
> >
> >>>the Windows generated keys. When I connect to the server from Windows
it
> >
> > can
> >
> >>>now read the keys and asks for my passphrase. Unfortunately it wont
> >
> > accept
> >
> >>>my passphrase even though I know it is correct! Again it then resorts
> >
> > back
> >
> >>>to password authentication.
> >>>
> >>>ARGH!
> >>>Has anyone managed to get SSH Key authentication to work succesfully
> >
> > with a
> >
> >>>Linux OpenSSH server and and Windows SSH client?
> >>>BTW - I have had no success using the the Windows Putty SSH client
> >
> > either.
> >
> >>>Any help would be greatly appreciated.
> >>>Thanks in adavnce,
> >>>- David
> >>>
> >>>
> >>
> >>--
> >>************************************************************
> >>******* Please note the change in telephone numbers ********
> >>************************************************************
> >>
> >>
> >>Ivan Ivanyi
> >>
> >>Swiss Institute of Bioinformatics
> >> 1, rue Michel Servet
> >> CH-1211 Genève 4
> >> Switzerland
> >>
> >> Tel: (+41 22) 379 58 33
> >> Fax: (+41 22) 379 58 58
> >> E-mail: Ivan.Ivanyi@isb-sib.ch
> >>
> >
> >
>
> --
> ************************************************************
> ******* Please note the change in telephone numbers ********
> ************************************************************
>
>
> Ivan Ivanyi
>
> Swiss Institute of Bioinformatics
> 1, rue Michel Servet
> CH-1211 Genève 4
> Switzerland
>
> Tel: (+41 22) 379 58 33
> Fax: (+41 22) 379 58 58
> E-mail: Ivan.Ivanyi@isb-sib.ch
>
- Next message: Mike: "Re: no pwd prompt no ssh-agent"
- Previous message: Neil W Rickert: "Re: Can cron jobs share ssh-agent?"
- In reply to: IVANYI Ivan: "Re: SSH Key Authentication Problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
