Security
cancel
Showing results for 
Search instead for 
Did you mean: 

ssh from tru64 to windows without password

Saszaly
Advisor

ssh from tru64 to windows without password

Hi Guys,

Im able to ssh from tru64 to another tru64 without password. I have copied over the public key generated from tru64 to the Windows.

What should i do on the Windows so that i can ssh without password? Windows is using OpenSSH_4.7p1, OpenSSL 0.9.8g 19 Oct 2007


debug: SshAppCommon/sshappcommon.c:185: Allocating global SshRegex context.
debug: SshConfig/sshconfig.c:2802: Version not found on first line, assuming configuration to be old style.
debug: SshConfig/sshconfig.c:649: Setting variable 'VerboseMode' to 'FALSE'.
debug: SshConfig/sshconfig.c:2744: Unable to open /pusers/mtmoper/.ssh2/ssh2_config
debug: Connecting to 10.102.7.21, port 22... (SOCKS not used)
debug: Ssh2/ssh2.c:2349: Entering event loop.
debug: Ssh2Client/sshclient.c:1456: Creating transport protocol.
debug: SshAuthMethodClient/sshauthmethodc.c:95: Added "publickey" to usable methods.
debug: SshAuthMethodClient/sshauthmethodc.c:95: Added "password" to usable methods.
debug: Ssh2Client/sshclient.c:1497: Creating userauth protocol.
debug: client supports 2 auth methods: 'publickey,password'
debug: SshUnixTcp/sshunixtcp.c:1231: using local hostname profile.bcb.com.my
debug: Ssh2Common/sshcommon.c:541: local ip = 173.30.199.25, local port = 2358
debug: Ssh2Common/sshcommon.c:543: remote ip = 10.102.7.21, remote port = 22
debug: SshConnection/sshconn.c:1957: Wrapping...
debug: SshReadLine/sshreadline.c:3388: Initializing ReadLine...
debug: Remote version: SSH-2.0-OpenSSH_4.7
debug: OpenSSH: Major: 4 Minor: 7 Revision: 0
debug: Ssh2Transport/trcommon.c:1530: All versions of OpenSSH handle kex guesses incorrectly.
debug: Ssh2Transport/trcommon.c:1913: lang s to c: `', lang c to s: `'
debug: Ssh2Transport/trcommon.c:1978: c_to_s: cipher aes128-cbc, mac hmac-sha1, compression none
debug: Ssh2Transport/trcommon.c:1981: s_to_c: cipher aes128-cbc, mac hmac-sha1, compression none
debug: Remote host key found from database.
debug: Ssh2Common/sshcommon.c:342: Received SSH_CROSS_STARTUP packet from connection protocol.
debug: Ssh2Common/sshcommon.c:392: Received SSH_CROSS_ALGORITHMS packet from connection protocol.
debug: server offers auth methods 'publickey,password,keyboard-interactive'.
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1602: adding keyfile "/pusers/mtmoper/.ssh2/mtmoper-profile" to candidates
debug: server offers auth methods 'publickey,password,keyboard-interactive'.
debug: Ssh2AuthClient/sshauthc.c:330: Method 'publickey' disabled.
debug: server offers auth methods 'publickey,password,keyboard-interactive'.
debug: Ssh2AuthPasswdClient/authc-passwd.c:117: Starting password query...


Windows side disabled public key auth?
5 REPLIES
Steven Schweda
Honored Contributor

Re: ssh from tru64 to windows without password

> I have copied over the public key generated
> from tru64 to the Windows.

> Windows is using OpenSSH_4.7p1 [...]

Tru64 (like VMS) uses SSH2-compatible key
files, and their formats are different from
those of OpenSSH-compatible key files, which
your Windows (OpenSSH) system would seem to
want.

I know nothing about SSH on Windows, but I'd
guess that the ssh-keygen program there has
something like a "-X" or "-i" option which
will let you convert your Tru64 key file(s)
to OpenSSH format.

Also, instead of ~/.ssh2/authorization
holding a list of key filenames, with OpenSSH
you may need to put the actual key data into
~/.ssh/authorized_keys (or whatever it is on
Windows). You'll probably want to read the
OpenSSH-for-Windows documentation to see how
(differently) things are arranged there.

On a UNIX system, the SSH server normally
logs some potentially informative error
messages in cases like this. What happens on
Windows is yet another mystery (to me, at
least).
Saszaly
Advisor

Re: ssh from tru64 to windows without password

Hi Steven,

Thank you for your reply. Anyway i did what you suggested. I still cant connect to the windows without password.

The sshd_config on the windows look suspicous to me. Since i do not own the windows machine, i just cant change the config to test.

# $OpenBSD: sshd_config,v 1.75 2007/03/19 01:01:29 djm Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/bin:/usr/sbin:/sbin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.

Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
# activation of protocol 1
Protocol 2

# HostKey for protocol version 1
#HostKey /etc/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh_host_rsa_key
#HostKey /etc/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin yes
StrictModes no
#MaxAuthTries 6

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#UsePAM no

#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no

# no default banner path
#Banner /some/path

# override default of no subsystems
Subsystem sftp /usr/sbin/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server

Saszaly
Advisor

Re: ssh from tru64 to windows without password

allright case closed.

Saszaly
Advisor

Re: ssh from tru64 to windows without password

1. copy over public key to windows
2. ssh-keygen -i (enter public key when prompt)
3. copy output from above into authorized_keys
4. add user@host at the end of the public key

my mistake for not noticing the requirement for user@host
Steven Schweda
Honored Contributor

Re: ssh from tru64 to windows without password

Sometimes it helps to make a set of key files
on a system, simply to see how good ones
look, as a guide to help you convert the keys
you really want to use.