SSH with Public Key Authentication (Was: Re: Attention: Giorgos Keramidas (Was: CVS Import Permissions))

Matthew Seaman m.seaman at
Wed Feb 1 23:54:23 PST 2006

david bryce wrote:
> On Thu, 2 Feb 2006 02:38:29 +0200, "Giorgos Keramidas"
> <keramida at> said:
>> On 2006-02-02 11:27, david bryce <davidbryce at> wrote:
>>> On Thu, 2 Feb 2006 01:48:37 +0200, "Giorgos Keramidas"
>>>>> I have tried using SSH in the past, and got stuck setting up the
>>>>> public key login (that's why we're using pserver).
>>>>> I spent a few hours yesterday trying to get SSH going again. I can
>>>>> login with SSH from the windows machine using Putty, but only when
>>>>> I use password authentication. In order to use cvs with ssh (using
>>>>> the plink program in Putty), we must use public key authentication.
>>>> Unfortunately, I can't help with the Windows side.  I'm only using UNIX
>>>> machines as clients, so Putty is something new to me :-(
>>>> Perhaps someone else on freebsd-questions can help with Putty?
>>> What about on the freebsd server side? Are there any logfiles I can
>>> look at on the server? Thanks!
>> /var/log/auth.log and /var/log/messages are the ones I'd look at.  But I
>> didn't notice anything interesting in the auth.log snippet you posted.
> Thanks, Giorgos! /var/log/messages didn't have anything in it either.
> You'd think there'd be a way to force sshd to write to the log why
> it rejected a private key. Thank you!

You do know that putty generates keys using the preferred SSH2-compatible
format of SSH Corp ( whereas the FreeBSD box you're
trying to log into uses the slightly different format from the OpenSSH
project (

If you generate your keys within putty, then copy the public key onto
your FreeBSD box you can convert the format like so:

    # ssh-keygen -i -f putty.pubkey > openssh.pubkey

If you examine the two files, you'll see that the differences are that
the OpenSSH one doesn't have the 'BEGIN' and 'END' lines, and all of
the data is on one single long line.

There's also a '-e' option for exporting OpenSSH keys to the SSH2-compatible

Oh, and to get more logging info out of sshd, run it with 3 '-d' flags on
a separate port number:

    sshd -d -d -d -p 2222

That will cause ssh not to daemonize, so it will quit when you end your ssh
session.  You don't want to run sshd with max debug turned on all the time,
as it will potentially leak sensitive information.



Dr Matthew J Seaman MA, D.Phil.                       7 Priory Courtyard
                                                      Flat 3
PGP:         Ramsgate
                                                      Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: OpenPGP digital signature
Url :

More information about the freebsd-questions mailing list