Mailinglist Archive: opensuse-security (138 mails)

< Previous Next >
Re: [suse-security] encore:.. winscp& openssh
  • From: piet <prooroa@xxxxxxxxxx>
  • Date: Thu, 15 Dec 2005 10:18:47 +0100
  • Message-id: <43A134F7.9000305@xxxxxxxxxx>
Michel Messerschmidt wrote:
Dirk Schreiner said:
Miguel ALBUQUERQUE wrote:
piet <prooroa@xxxxxxxxxx> wrote on 14.12.2005 17:04:19:
I made a public & private key with PuTTY, copy-paste the public to a
text file: renamed it
put it in /home/xxxx/.ssh
You did export it as openssh-key right?
Give it a try the other way:

use ssh-keygen on the linux box.

ssh-keygen -b 4096 -t rsa -C my_linux_box_key -f my_linux_box_key

Give a propper passphrase.

cat >> authorized_keys

Copy the my_linux_box_key to youre win Box, and open
the key with puttygen.
Save it afterwards in ppk format and use this key to
connect to the linux box.

It's better to convert the public key from putty into openssh format.
This can be done by hand or with ssh-keygen:
ssh-keygen -i -f > ~/.ssh/
cat >>authorized_keys

And don't forget to remove the previous entries for this key from

What is the output if you try to connect with putty on your suse server?
Try: plink.exe -v -i <privatekey.ppk> <user>@<host>

goodmorning to All,

one thing that strikes me is the files generated on XP are executable
should this be changed? I frolliced with that without result

to avoid being trapped in some 4096 1024 bug, I am trying (without succes) a regular RSA 1024 key, as thats the default with putty of winscp.

If I do Pam password on in the sshd_config I can logon, so I guess (?)
there is no firewall problem

Maybe it is an idea to let sshkeygen make the putty key too... is that possible?
here is the plink output:

plink -v -i my_SuSE_pri
v_key.ppk piet@xxxxxxxxxxx
Server version: SSH-2.0-OpenSSH_3.9p1
We claim version: SSH-2.0-PuTTY_Release_0.58
Using SSH protocol version 2
Doing Diffie-Hellman group exchange
Doing Diffie-Hellman key exchange
Host key fingerprint is:
ssh-rsa 1024 f8:e3:73:18:44:78:f8:48:0c:5c:89:c3:8a:01:f1:64
Initialised AES-256 client->server encryption
Initialised HMAC-SHA1 client->server MAC algorithm
Initialised AES-256 server->client encryption
Initialised HMAC-SHA1 server->client MAC algorithm
Using username "piet".
Reading private key file "my_SuSE_priv_key.ppk"
Offered public key
Server refused our key
Server refused public key
Keyboard-interactive authentication refused
No supported authentication methods left to try!
No supported authentications offered. Disconnecting
Server closed network connection

< Previous Next >
Follow Ups