On Fri, 2003-08-01 at 12:59, System Administrator wrote: > This gets LONG.... > On Friday 01 August 2003 12:25, Bret Hughes wrote: > > On Fri, 2003-08-01 at 10:04, System Administrator wrote: > > > see below... > > > > > > On Thursday 31 July 2003 21:38, Bret Hughes wrote: > > > > On Thu, 2003-07-31 at 18:07, System Administrator wrote: > > > > > Yes, this is a perfect example of why we should 'just get rid of > > > > > windows'. But.....that is not an option right now. > > > > > > > > > > I am trying to setup SSH with public-key encription to a RH8 box. I > > > > > am running OpenSSH 3.4p2. All default setup. > > > > > > > > > > Of course the other *UX boxes manage just fine (thanks to a VERY good > > > > > write-up from akadia.com). > > > > > > > > > > The Windows (NT,2000) systems, on the other hand, can't seem to get > > > > > it right. I have tried ssh secure shell. I found writeups on the > > > > > website. But it Didn't work. but not diags to see why. I try putty > > > > > and geta message saying "Key is of wrong type (PuTTY SSH2 private > > > > > key)" . If I look at the actual entry (authorized_keys) in the .ssh > > > > > folder, it list the entry as "public key". Again I followed the > > > > > documentation to generate the keys. At least I think I did. > > > > > > > > > > Any insights will be appreciated. > > > > > -- > > > > > > > > Did do the key conversion before you put the public key in the other > > > > host? Are you sure you generated a type 2 key? > > > > > > Yes and Yes. I actually went throught the process several times. The > > > last time I made sure that I documented each step. > > > > > > > You really did not give us much to go on. > > > > > > If there is more info I can give to assist you "please" let me know. I > > > see no security issues in providing the information. I have full scale > > > code developement going on and they are using a makeshift document > > > control setup until I can get this going. > > > > > > > Ok one caveat, I have only done this once from a W2000 box and have > > slept since then. I have setup hundreds of openssh boxes though. > > > > Assumptions: > > > > The linux host is setup so that the same user can connect from another > > linux box. User specific is important because perms on the > > authorized_keys file can cause failures. > Correct > > > > The windows generated public key has been converted to openssh format > > and has been installed in the user's ~/.ssh/authorized_keys[2] file > Correct, authorized_keys is the actual file. > > > > > > The first thing I would do is put the ssh server into debug mode. > > > > If you can tell everyone to leave it alone for a minute: > > > > try to connect from the windows box using whatever debug options exist > > in the client. > > > > take a look at the output and see if you can tell what is going wrong. > > > > If not post the output to the list. someone here will be able to figure > > it out. > > > > Bret > Here's the output: > > The Good - > Solaris 8 system > OpenSSH > User - clsonnt >
<snip> debug1: match: OpenSSH_3.4p1 pat OpenSSH* > Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-1.99-OpenSSH_3.4p1 <snip> > debug1: trying public key file /home/clsonnt/.ssh/authorized_keys > debug2: key_type_from_name: unknown key type '1024' <snip> > debug1: trying public key file /home/clsonnt/.ssh/authorized_keys2 > debug1: matching key found: file /home/clsonnt/.ssh/authorized_keys2, line 1 > Found matching DSA key: e5:75:a5:19:f0:3b:1d:b0:f7:31:30:37:cc:76:57:2f <snip> > debug1: Setting controlling tty using TIOCSCTTY. > > > The Bad - > WinNT system > PuTTY 0.53b > User - clsonnt > > Debug output > > debug1: sshd version OpenSSH_3.4p1 <snip> > debug1: Client protocol version 1.5; client software version Here is the first problem putty is attempting to connect with protocol 1 under the ssh settings in the putty screen is a protocol setting set it to 2 only and see what happens Make sure that under auth you have the correct private key file selected. Bret -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
