Putty and pre-shared keys with Cygwin's sshd
Andrey Repin
anrdaemon@freemail.ru
Sat Jan 21 20:35:00 GMT 2012
Greetings, Andrew DeFaria!
>> What key type you generate? How do you save both parts of the key? You
>> said you copied public key, did you saved private key as well? Or you
>> just assumed it was saved somewhere automatically? -- WBR, Andrey
>> Repin (anrdaemon@freemail.ru) 21.01.2012, <16:36> Sorry for my
>> terrible english...
> OK, here's what I did now:
> * Regenerated a SSH-2 DSA key 1024 bit
> * Saved the public and private keys
> * Copied the public key from the box in puttygen that says "Public key
> for the pasting into authorized-keys file" and pasted it into my
> machine's ~/.ssh/authorized_keys
> * Ran putty on the remote machine and made sure to point the
> Connection: SSH: Auth pointed to the private key I saved from
> puttygen (a .ppk file).
> Attempted to connect with that and I got:
> Using username "adefaria"
> Server refused our key
> adefaria@ltsdo-adefaria's password:
> What did I do wrong?
Ok, now we're talking. There's indeed a tricky part involved, let me try to
cover it for you.
On puttygen part, it seems you did it right. (Though, saving public key part is
only required for ssh servers compliant with RFC4716.)
On connection part... seems like you've supplied the right login name...
On server part...
First. Make sure your ssh server is configured to allow DSA keys. RSA keys are
more common, as I've discovered. And sometimes servers configured to disallow
DSA key authentication, even if they are offering DSA key themselves.
Second, double-check server log for reason to refuse the key. The top (IMO)
reason to refuse key authentication is wrong access mask on ~/.ssh/authorized_keys
file. It must not be group- or world-writable.
--
WBR,
Andrey Repin (anrdaemon@freemail.ru) 22.01.2012, <00:18>
Sorry for my terrible english...
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list