Re: ssh2 <--> openssh public key authentication
>>>>> "Rob" == Rob Mahurin <robm@mad.scientist.com> writes:
Rob> Hello, I am trying to set up public-key authentication
Rob> between a SunOS box ("larry") running ssh2 and a dialup
Rob> Debian box ("peon") running potato with OpenSSH 1:2.5.2p2-1
Rob> compiled from sid. From larry, the SunOS box, I can do "ssh
Rob> peon" without being prompted for a password; however, running
Rob> "ssh larry" from peon requires a password.
I am trying to do the same thing... (where did you find this
documented? I looked but couldn't find anything.)
Rob> On peon I have: .ssh/config containing PubkeyAuthentication
Rob> yes and IdentityFile $HOME/.ssh/id_dsa .ssh/id_dsa{,.pub}
Rob> made with ssh-keygen .ssh/peon.pub made with ssh-keygen -f
Rob> id_dsa -x
I tried:
[559] [snoopy:bam] ~/.ssh >ssh-keygen
Generating public/private rsa1 key pair.
Enter file in which to save the key (/home/bam/.ssh/identity):
/home/bam/.ssh/identity already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/bam/.ssh/identity.
Your public key has been saved in /home/bam/.ssh/identity.pub.
The key fingerprint is:
f0:2b:36:87:20:e0:dd:cd:72:cf:b7:56:9d:4e:44:f5 bam@snoopy
[560] [snoopy:bam] ~/.ssh >ssh-keygen -f identity -x
Enter passphrase:
load failed
and:
[562] [snoopy:bam] ~/.ssh >ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/bam/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/bam/.ssh/id_dsa.
Your public key has been saved in /home/bam/.ssh/id_dsa.pub.
The key fingerprint is:
65:98:68:b5:2a:a7:0f:89:8a:ab:4f:ec:f4:2a:1f:3f bam@snoopy
[566] [snoopy:bam] ~/.ssh >ssh-keygen -f id_dsa.pub -x
Enter passphrase:
load failed
but got stuck at this point. of course the top version shouldn't work
(am I correct in assuming that ssh2 doesn't support RSA keys?), but I
found it curious that both has the same error.
maybe I missed up the build-dependencies, when I rebuilt the latest
unstable version for potato, but I don't think so...
ii libwrap0-dev 7.6-4 Wietse Venema's TCP wrappers library, develo
ii zlib1g-dev 1.1.3-5 compression library - development
ii libssl096-dev 0.9.6-1 SSL development libraries
ii libpam0g-dev 0.72-9 Development files for PAM
ii libgnome-dev 1.2.11-ximian. The Gnome libraries -- development package
ii groff 1.15.2-1 GNU troff text-formatting system.
ii debhelper 2.0.86 helper programs for debian/rules
ii libssl096-dev 0.9.6-1 SSL development libraries
(I need to double check this later).
Also ssh -v -v -v gives a number of strange errors:
debug3: Bad RSA1 key file /home/bam/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: no key found
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: no key found
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: no key found
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: no key found
so it looks like that ssh-keygen is creating the key in the wrong
format.
Rob> On larry I have: .ssh2/peon.pub copied from peon
Rob> .ssh2/authorization containing Key peon.pub
So I expect I am doing something obvious that is completely wrong ;-),
but not sure what.
Thanks in advance.
--
Brian May <bam@debian.org>
Reply to: