HPE Community
Operating System - Linux
1829188 Members
15700 Online
109986 Solutions
New Discussion

Re: ssh passphrase!

 
ajay_34
Occasional Advisor

‎01-17-2005 05:21 PM

‎01-17-2005 05:21 PM

ssh passphrase!


case 1.
[user@localhost .ssh]$ssh-keygen -t rsa1
[user@localhost .ssh]$cat identity.pub > authorized_keys
[user@localhost .ssh]$chmod 644 authorized_keys

thats it on the server side.
then download identity(private key file) to my windows client machine.
then from windows box--->open putty-->username=user,hostname=mylinuxmachineip and rsakey(identity)

it works.it is asking for "passphrase key" when the moment i connect to my linuxbox from windows thru putty
i guess i generated rsa key ssh version is 1.

case 2:
[user@localhost .ssh]$ ssh-keygen -t rsa
[user@localhost .ssh]$ cat id_rsa.pub > authorized_keys2
[user@localhost .ssh]$ chmod 644 authorized_keys2

then download id_rsa(private key file) to my windows client machine.
then from windows box--->open putty-->username=user,hostname=mylinuxmachineip and rsakey(id_rsa)

then iam getting this error.
Sent username "user"
Trying public key authentication.
No passphrase required.
Couldn't load public key from C:\WINDOWS\Desktop\id_rsa.
user@localhost.localdomain's password:

i think i am trying to generate rsa key for SSH version 2.
i want to use SSH2 with passphrase login.

please anybody help me.

thanks in advance.
ajay.

0 Kudos
Reply
2 REPLIES 2
Fred Ruffet
Honored Contributor

‎01-17-2005 09:58 PM

‎01-17-2005 09:58 PM

Re: ssh passphrase!

Something strange about what you do :
Using Putty, you should generate keys on windows machine using PuTTYgen, then send your public key to remote host (and add it to authorized_keys file).

Have you set up sshd_config and ssh_config files ? Have you generated system wide keys ?

I use the following :

-----
file sshd_config

Port 22
Protocol 2,1
HostKey /etc/ssh/ssh_host_key
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
ServerKeyBits 1024
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
IgnoreRhosts yes
known_hosts for RhostsRSAAuthentication
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes
SyslogFacility AUTHPRIV
LogLevel INFO
RhostsAuthentication no
RhostsRSAAuthentication no
HostbasedAuthentication no
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
Subsystem sftp /usr/libexec/openssh/sftp-server

-----
file ssh_config

Host *
ForwardX11 yes
IdentityFile ~/.ssh/identity
IdentityFile ~/.ssh/id_dsa
IdentityFile ~/.ssh/id_rsa
Port 22
Protocol 2,1

-----

Then launch following commands as root (enter passphrases when asked for) :

ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -t rsa1
ssh-keygen -b 1024 -f /etc/ssh/ssh_host_rsa_key -t rsa
ssh-keygen -b 1024 -f /etc/ssh/ssh_host_dsa_key -t dsa
ssh-keygen -b 1024 -t rsa1
ssh-keygen -b 1024 -t rsa
ssh-keygen -b 1024 -t dsa

then I send my public key to /root/.ssh by ftp and append it to authorized_keys.

Now I can connect root with ssh and passphrase authentication.

Regards,

Fred
--

"Reality is just a point of view." (P. K. D.)
0 Kudos
Reply
Andrew Cowan
Honored Contributor

‎01-18-2005 06:53 PM

‎01-18-2005 06:53 PM

Re: ssh passphrase!

ajay,

The most common problem is when you have cut and pasted your key from Windows and it has picked-up some line-break characters. Check that your key is definitely one continuous line.

The "-t rsa" option generates type-2 RSA keys by default.

Check the permissions of your ~/.ssh directory and all the files in it. SSH will refuse the key unless it is considered to be secure.

Check also that when you ssh into your target system that it knows you by the same hostname as that shown next to the key. If not the key will also be rejected.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.