HPE Community
Operating System - HP-UX
1834052 Members
2529 Online
110063 Solutions
New Discussion

Re: fsecure ssh2 and openssh

 
Charles McCary
Valued Contributor

‎04-13-2004 03:35 AM

‎04-13-2004 03:35 AM

fsecure ssh2 and openssh

Group,

Hi - I'm having an issue with an fsecure client (HP 11.00) trying to connect without being prompted for a password to a linux host running openssh.

The linux host is not in my control, but I do have ssh access to it (with a passphrase).

It seems that no matter what I do on either side, I get prompted for a passphrase.

What I've done so far:

On the client
1) generated the public key on the HP (fsecure ssh2 box).
2) created the identification file on the fsecure box in the .ssh2 dir

On the server (running openssh)
1) put the contents of my pub file in the .ssh/authorized_keys file.
2) put the contents of my pub file in the .ssh/authorized_keys2 file.
3) copied my .pub file from the client to the .ssh dir
4) put the following in the .ssh/authorization file
Key authorized_keys2

Don't know if all of the steps on the server were necessary or not and I've played around with the authoriztion file some.

Nothing gets me past the prompt for the passphrase.

Any ideas will be appreciated.

0 Kudos
Reply
2 REPLIES 2
Sanjay_6
Honored Contributor

‎04-13-2004 03:58 AM

‎04-13-2004 03:58 AM

Re: fsecure ssh2 and openssh

Hi,

Was the public key generated with a ssh-keygen -P option.

This is the process that i use,

-------------

-Log in as user account that will be SCPing files
-run this command:
/usr/local/bin/ssh-keygen2 -P
-cd ~/.ssh2
-run this command:
echo "IDKey id_dsa_1024_a" > identification

On remote machines(these next steps are done for each machine that the files will be SCPed to):
-Log in as user account that will be receiving the SCP files
-if ~/.ssh2 doesn't exist, run this command:
mkdir ~/.ssh2
-cd ~/.ssh2
-mkdir keys
-cd keys
-Get(ftp, scp, etc) the file ~/.ssh2/id_dsa_1024_a.pub from local machine and
put it in the remote ~/.ssh2/keys directory. Name it something unique. Something like ~/.ssh2/keys/userid.localmachinename.pub
-cd ~/.ssh2
-Run the command:
echo "Key keys/userid.localmachinename.pub" >> authorization
(replace userid.localmachinename.pub with whatever the file was named).

That's it. You can test it out by running the following from the local machine:
ssh remotemachine hostname

It should return the remote machine's hostname without prompting for a password.

---------------

Hope this helps.


Regds
0 Kudos
Reply
John Kelly_3
Regular Advisor

‎04-15-2004 01:38 AM

‎04-15-2004 01:38 AM

Re: fsecure ssh2 and openssh

Also make sure the ownership is correct on the remote .ssh(2) directory and the permissions are set to 0600 on this directory and all files held within.
Sshd is fussy!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.