LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 06-03-2008, 02:09 AM   #1
ZAMO
Member
 
Registered: Mar 2007
Distribution: Redhat &CentOS
Posts: 579

Rep: Reputation: 30
Thumbs up How can i import my RSA key


Geeks,

Am using a rsa-key to connect to my server , from windows using Open-ssh.
Now i want to connect to the server , from my Linux box using the same key.

How can i import the key?

ANY IDEA....
 
Old 06-03-2008, 03:45 AM   #2
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655
The keys in Linux are id_rsa and is_rsa.pub. The keys in Putty end in *.ppk and the public key should have public in it. You can run the putty genkey program, load the putty keys (from where you saved them). Then cut & paste the public key displayed on top. It is in the same format as a Linux public key. From the menu, export the private key.

I would recommend that you use a Linux key pair and add id_rsa.pub to the end of ~/.authorized_keys. Shared keys are generally not a good idea. Also, the options field in a public key entry allow things like host control. This can help protect the server even if the key is lost. For example you can restrict loggins from 192.168.0/24 for that key.
 
Old 06-03-2008, 04:27 AM   #3
ZAMO
Member
 
Registered: Mar 2007
Distribution: Redhat &CentOS
Posts: 579

Original Poster
Rep: Reputation: 30
Thanks Guru,,

If i try to create a key in Linux ,using
Code:
$ ssh-keygen -t rsa
a RSA key is generated successfully. If I add the key to the server , using

Code:
ssh-keygen --if mykey.pub >>.ssh/authorized_keys

I get the error

Code:
uudecode failed.
I gave-up the idea of importing an already existing key from windows.

What I need now is to generate a RSA key from client, and to add it to the server.

Can anyone guide me to, set this UP....


Thanks in Advance
 
Old 06-03-2008, 04:37 AM   #4
ischi
Member
 
Registered: Apr 2008
Location: Tübingen
Distribution: Fedora 9 (Thinkpad T60), Debian 3.1 (Server)
Posts: 51

Rep: Reputation: 15
Thats acctually really really easy, just google ssh without password or follow this link:
http://linuxproblem.org/art_9.html

Good Luck
 
Old 06-03-2008, 04:54 AM   #5
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655
First of all, you used two dashes instead of one in the options. Secondly, the -f option is for importing an ssh key and exporting an openssh key. If you are using openssh in both, simply:
cat mykey.pub >> .ssh/authorized_keys

If the server is running a commercial ssh server, then export the openssh key to an RFC 4716 SSH public key format:
ssh-keygen -ef mykey.pub >my4716key.pub. The server will probably either accept this form or be able to import it.
 
Old 06-03-2008, 05:06 AM   #6
ZAMO
Member
 
Registered: Mar 2007
Distribution: Redhat &CentOS
Posts: 579

Original Poster
Rep: Reputation: 30
Thank you Ischi...

Guru,

I got the point. I added the key using

cat mykey.pub >> .ssh/authorized_keys

and it works. As moving forward, my next question is... How can I login from the client shell.

Am using ssh -i mykey.pub x.x.x.x


It is prompting for password... I want to enter passphrase as login credential.What is the option for ssh , to login to a server using pub-key.

Thanks
 
Old 06-03-2008, 05:21 AM   #7
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655
Your public key should be in ~/.id_rsa.pub. Using "ssh user@server" will use that key.

Is the server configured for public key authentication?

You can try logging in like "ssh -v user@server" and see that the verbose messages says about public key authentication.
Code:
ssh -v hpmedia
OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to hpmedia [127.0.0.2] port 22.
debug1: Connection established.
...
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/jschiwal/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/home/jschiwal/.ssh/id_rsa':
If the server accepts password authentication, you may have had a "ssh-copy-id" program that could have added the key to the servers authorized_keys file for you.

ssh-copy-id [-i [identity_file]] [user@]machine

After opening a konsole on the local machine, I can use:
eval $(ssh-agent)
ssh-add

And then enter my passphrase once. After that the server won't ask for the passphrase each time I log in.
You may also want to disable password authentication on the server.

You could also use "PasswordAuthentication" in a ~/.ssh_config file. In the present situation, your login would fail however. Password authentication should be disabled on the server to prevent brute force username/password attack.

Last edited by jschiwal; 06-03-2008 at 05:22 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Which is better RSA or DSA public key? tarballedtux Linux - Security 12 02-03-2009 07:15 AM
SSH rsa key PB0711 Linux - Security 3 09-10-2006 04:57 PM
SSH RSA key problem taiwf Linux - General 3 05-21-2006 10:33 PM
ssh RSA key thanat0s Linux - Security 3 09-29-2003 10:51 PM
RSA public key encryption/private key decription koningshoed Linux - Security 1 08-08-2002 08:25 AM


All times are GMT -5. The time now is 07:13 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration