login about faq

Using Public Key Authentication With Keys Generated by ssh-keygen

1

I'm attempting to use public key authentication with my Linux server.

As a client, I'm using SSH Tectia Client 5.0.1.79 (but I'd be glad to upgrade if this will help).

As an SSH daemon on the server I'm using the default sshd that comes with Linux. I do not want to change this on the server.

I also use Putty as an SSH terminal (it works with emacs quite well), but I like the SFTP capability of the Tectia product (seems to be the nicest SFTP client). I got Putty to work with public key authentication (I had to convert private key formats), but I haven't had any luck with the SSH Tectia Client.

I want public key authentication that will work with both Putty and SSH Tectia Client. Right now I can only get Putty to work.

The way I am generating the key on the server is using:

ssh-keygen -t rsa -b 2048

and of course I use a passphrase for the private key.

I place the public key into .ssh/authorized_keys, and place the passphrase-protected private key on my Windows client.

However, I can't get SSH Tectia Client to work with a key generated in this way.

Is there an import or conversion process?

Am I generating the wrong type of key?

How is this done?

asked May 05 '10 at 20:56

David%20T.%20Ashley's gravatar image

David T. Ashley
113

edited Aug 06 '10 at 13:17

Roman's gravatar image

Roman ♦♦
7835817
4 Answers:
oldestnewestmost voted
1

The right way to set up public key authentication is to generate the keys on the client host and distribute the public keys to server hosts. You should never transfer the security critical private key from where it was generated.

More recent versions of Tectia Client come with a key generation and upload wizard which makes this rather easy to set up. You can generate the key and upload the public key right from the Tectia Configuration GUI with a couple of mouse clicks.

If you were running a Tectia Server, the GUI would be all you need. Since you're running an OpenSSH server, after uploading the public key you need to convert it to a format OpenSSH understands and add it in the authorized_keys file:

ssh-keygen -i -f id_dsa_2048_a.pub >> $HOME/.ssh/authorized_keys

Here id_dsa_2048_a.pub is the name of the public key file in Tectia (RFC 4716) format. The file name may vary, of course.

link

answered May 06 '10 at 08:23

Ville%20Laurikari's gravatar image

Ville Laurikari
131129
0

this is useless info. keygen on tectia outputs in one format, but there's no documentation ANYWHERE ON YOUR SITE on how to actually PUT THAT KEY into the authorized_keys2 file. USELESS.

link

answered Oct 05 '11 at 18:44

tsal's gravatar image

tsal
1

Maybe I'm misunderstanding what you're saying here but I believe Ville's answer above does just that. The command referenced uses OpenSSH keygen to import the public key (which is in Tectia format) to OpenSSH format and append it to the authorized_keys file. This should work for any OpenSSH server version 3.0 or newer. The authorized_keys2 file was deprecated since OpenSSH 3.0.

(Oct 11 '11 at 09:44) Roman ♦♦ Roman's gravatar image
0

if i have ssh client, and tectia windows server, how to generate the key in ssh client, and convert the pub key for tectia?

link

answered Nov 16 '11 at 05:47

siakhooi's gravatar image

siakhooi
1
0

Let me rephrase David's original question so that it corresponds to my case:

Can I use or import/convert a PuTTY native format *.PPK key so that it can be used by Tectia?

link

answered Feb 23 '12 at 22:21

Christophe's gravatar image

Christophe
1

1

Hi, yes this is possible using Putty's own puttygen.exe, loading the ppk key, going to conversions and exporting the key out in OpenSSH format. Tectia Client and Server versions 5.2 an newer work with OpenSSH keys without any need for conversion.

(Feb 24 '12 at 22:41) Roman ♦♦ Roman's gravatar image
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Tags:

×54
×38
×4
×1

Asked: May 05 '10 at 20:56

Seen: 14,846 times

Last updated: Feb 24 '12 at 22:41

Related questions

Could not find the received public key in user's public key authorization file or directory

How do I setup public key authentication with SSH Tectia Client 6.0.12?

How to setup public key authentication between Tectia and OpenSSH?

411 Login_failure, No more auth methods available

Specifying identity file from command line is not supported.

automated acceptance of servers public key

How can I manually setup public key authentication using Tectia Client and Server?

unable to convert tectia pub key to openssh format (1024 bit, rsa)

How do I enable direct root login in SSH Tectia 6 Linux?

Why user authentication fails for Local Account(Domain vs Local account)

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.