My two cents.
Sometimes the key that is generated on Windows machines is malformed as far as openssh is concerned. Make sure your authorized_keys entry looks like this
ssh-rsa AAAAB3Nz(snip)KZbC1PEWyI4Q4esMJogfsWpXnB8Q== CommentAboutTheKey
I've used putty with it's key store 'pageant' with quite some success. It's a background application that does the key auth for you. You decrypt your key once (your private key is _should_ be encrypted.... ) and it happily does nothing most the time. I think putty prompts you for your key, but I seem to remember it having mixed success.
Hope that sheds some light on the situation.
rob
On Sun, May 2, 2010 at 10:24 PM, Kelly Leveille kel@kelweb.ca wrote:
Rob,
Is the Ubuntu server "rejecting your key" during the SSH login session? Are there any logs available from either WinSCP or from the SSH server? I think SSHD can provide some verbose real-time logging which might detail the error. Are trying to login as root when testing the keyed & password based logins?
Sorry that's all questions & no answers but maybe some part of it will point you in the right direction.
Kelly
On Sun, May 2, 2010 at 4:17 PM, Robert Dyck rbdyck2@shaw.ca wrote:
I am also trying to set up ssh. I installed OpenSSH on Ubuntu server, and downloaded WinSCP for my Windows computer. Both machines are in my home office right now, but the server will be relocated to a business office. I will continue to administer the server so want access from my home office. I need the server to be secure, so I want to use key authentication. My client machine is Windows so I can't run ssh-copy-id, so I just copied the .pub file to the server then copied it to authorized_keys. It's rejecting my key. I have passwords enabled for testing, but want to disable passwords when I actually connect through the internet. I tried to have WinSCP generate the keys and copy the .pub file to the server, and I generated keys on the server and copied the private key to my Windows desktop. WinSCP requires "importing" the private key, it adds some of it's own stuff such as the client's MAC address. Either way the server just rejects the key.
I have ensured PubkeyAuthentication is yes, AuthoriedKeysFile is uncommented, and issued the ssh restart command after each change to the server's config file.
What am I doing wrong?
Rob Dyck
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable