SSH with Public Key Authentication (Was: Re: Attention: Giorgos
Keramidas (Was: CVS Import Permissions))
m.seaman at infracaninophile.co.uk
Wed Feb 1 23:54:23 PST 2006
david bryce wrote:
> On Thu, 2 Feb 2006 02:38:29 +0200, "Giorgos Keramidas"
> <keramida at ceid.upatras.gr> said:
>> On 2006-02-02 11:27, david bryce <davidbryce at fastmail.fm> wrote:
>>> On Thu, 2 Feb 2006 01:48:37 +0200, "Giorgos Keramidas"
>>>>> I have tried using SSH in the past, and got stuck setting up the
>>>>> public key login (that's why we're using pserver).
>>>>> I spent a few hours yesterday trying to get SSH going again. I can
>>>>> login with SSH from the windows machine using Putty, but only when
>>>>> I use password authentication. In order to use cvs with ssh (using
>>>>> the plink program in Putty), we must use public key authentication.
>>>> Unfortunately, I can't help with the Windows side. I'm only using UNIX
>>>> machines as clients, so Putty is something new to me :-(
>>>> Perhaps someone else on freebsd-questions can help with Putty?
>>> What about on the freebsd server side? Are there any logfiles I can
>>> look at on the server? Thanks!
>> /var/log/auth.log and /var/log/messages are the ones I'd look at. But I
>> didn't notice anything interesting in the auth.log snippet you posted.
> Thanks, Giorgos! /var/log/messages didn't have anything in it either.
> You'd think there'd be a way to force sshd to write to the log why
> it rejected a private key. Thank you!
You do know that putty generates keys using the preferred SSH2-compatible
format of SSH Corp (http://www.ssh.com/) whereas the FreeBSD box you're
trying to log into uses the slightly different format from the OpenSSH
If you generate your keys within putty, then copy the public key onto
your FreeBSD box you can convert the format like so:
# ssh-keygen -i -f putty.pubkey > openssh.pubkey
If you examine the two files, you'll see that the differences are that
the OpenSSH one doesn't have the 'BEGIN' and 'END' lines, and all of
the data is on one single long line.
There's also a '-e' option for exporting OpenSSH keys to the SSH2-compatible
Oh, and to get more logging info out of sshd, run it with 3 '-d' flags on
a separate port number:
sshd -d -d -d -p 2222
That will cause ssh not to daemonize, so it will quit when you end your ssh
session. You don't want to run sshd with max debug turned on all the time,
as it will potentially leak sensitive information.
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 250 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20060202/0f05d3a0/signature.bin
More information about the freebsd-questions