
Re: SSH with Public Key Authentication (Was: Re: Attention: Giorgos Keramidas (Was: CVS Import Permissions))



david bryce wrote:
> On Thu, 2 Feb 2006 02:38:29 +0200, "Giorgos Keramidas"
> <keramida@xxxxxxxxxxxxxxx> said:
>> On 2006-02-02 11:27, david bryce <davidbryce@xxxxxxxxxxx> wrote:
>>> On Thu, 2 Feb 2006 01:48:37 +0200, "Giorgos Keramidas"
>>>>> I have tried using SSH in the past, and got stuck setting up the
>>>>> public key login (that's why we're using pserver).
>>>>>
>>>>> I spent a few hours yesterday trying to get SSH going again. I can
>>>>> log in with SSH from the Windows machine using Putty, but only when
>>>>> I use password authentication. In order to use cvs with ssh (using
>>>>> the plink program in Putty), we must use public key authentication.
>>>> Unfortunately, I can't help with the Windows side.  I'm only using UNIX
>>>> machines as clients, so Putty is something new to me :-(
>>>>
>>>> Perhaps someone else on freebsd-questions can help with Putty?
>>> What about on the FreeBSD server side? Are there any logfiles I can
>>> look at on the server? Thanks!
>> /var/log/auth.log and /var/log/messages are the ones I'd look at.  But I
>> didn't notice anything interesting in the auth.log snippet you posted.
>>
> 
> Thanks, Giorgos! /var/log/messages didn't have anything in it either.
> You'd think there'd be a way to force sshd to write to the log why
> it rejected a private key. Thank you!

You do know that PuTTY generates keys using the preferred SSH2-compatible
format of SSH Corp (http://www.ssh.com/) whereas the FreeBSD box you're
trying to log into uses the slightly different format from the OpenSSH
project (http://www.openssh.org/)?

If you generate your keys within PuTTY, then copy the public key onto
your FreeBSD box you can convert the format like so:

    # ssh-keygen -i -f putty.pubkey > openssh.pubkey

If you examine the two files, you'll see that the differences are that
the OpenSSH one doesn't have the 'BEGIN' and 'END' lines, and all of
the data is on one single long line.

There's also a '-e' option for exporting OpenSSH keys to the SSH2-compatible
format.

Oh, and to get more logging info out of sshd, run it with 3 '-d' flags on
a separate port number:

    sshd -d -d -d -p 2222

That will cause ssh not to daemonize, so it will quit when you end your ssh
session.  You don't want to run sshd with max debug turned on all the time,
as it will potentially leak sensitive information.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       7 Priory Courtyard
                                                      Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey         Ramsgate
                                                      Kent, CT11 9PW
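
The format difference described in the message above, as an added Python example (not part of the original message and not OpenSSH's code): it parses the SSH2-compatible layout (standardised as RFC 4716), with its BEGIN/END lines, optional headers and wrapped base64, and emits the single-line OpenSSH form. The sample key and its `rsa-key-20060202` comment are constructed and not usable for login; the function names are this example's own.

```python
import base64
import struct

BEGIN = "---- BEGIN SSH2 PUBLIC KEY ----"
END = "---- END SSH2 PUBLIC KEY ----"

def ssh2_to_openssh(text):
    """Turn an SSH2 (RFC 4716) public key file into one OpenSSH key line."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("not an SSH2 public key file (BEGIN/END lines missing)")
    comment, body, i, last = "", [], 1, len(lines) - 1
    while i < last:
        line = lines[i]
        i += 1
        if ":" not in line:      # base64 never contains ':', so this is key data
            body.append(line)
            continue
        while line.endswith("\\") and i < last:  # header continues on next line
            line = line[:-1] + lines[i]
            i += 1
        tag, _, value = line.partition(":")
        if tag.lower() == "comment":
            comment = value.strip().strip('"')
    blob = base64.b64decode("".join(body), validate=True)
    # The decoded blob begins with a length-prefixed key type such as b"ssh-rsa".
    n = struct.unpack(">I", blob[:4])[0] if len(blob) >= 4 else 0
    if not 0 < n <= len(blob) - 4:
        raise ValueError("key blob is truncated or corrupt")
    key_type = blob[4:4 + n].decode("ascii")
    fields = [key_type, base64.b64encode(blob).decode("ascii")]
    return " ".join(fields + ([comment] if comment else []))

def _ssh_string(data):
    return struct.pack(">I", len(data)) + data

def constructed_sample():
    """Constructed, non-usable key: type, exponent 65537, filler 'modulus'."""
    blob = (_ssh_string(b"ssh-rsa") + _ssh_string(b"\x01\x00\x01")
            + _ssh_string(b"\x00" + bytes(range(0x80, 0x100))))
    b64 = base64.b64encode(blob).decode("ascii")
    wrapped = [b64[i:i + 70] for i in range(0, len(b64), 70)]
    header = ['Comment: "rsa-key-\\', '20060202"']  # header split by continuation
    return blob, "\n".join([BEGIN] + header + wrapped + [END]) + "\n"

if __name__ == "__main__":
    print(ssh2_to_openssh(constructed_sample()[1]))
```

A file that fails the marker check here is already in OpenSSH form or is not a public key at all, which is worth ruling out before looking at server-side logs.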
