Date: Wed, 29 Nov 2000 07:14:25 +1000 From: "Doug Young" <dougy@bryden.apana.org.au> To: "Mike Meyer" <mwm@mired.org> Cc: <freebsd-questions@FreeBSD.ORG> Subject: Re: SSH setup / RSA keys Message-ID: <005101c05980$330e6040$837e03cb@dougy> References: <14883.50183.238479.476485@guru.mired.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for the response Mike I eventually discovered where I was going wrong ..... apparently the private key generated on the Unix system needs to be copied / renamed to another location there & then there doesn't appear to be any need for an "authorized_keys" on the Windows system. Well at least that works for me. After having got it working I can sorta see that "man ssh" is saying to do what I've done, but like virtually all man pages its quite useless as a :howto". The mailer IS (and always has been) set to "plain text" but then Outlook Express never was real smart :) ----- Original Message ----- From: "Mike Meyer" <mwm@mired.org> To: "Doug Young" <dougy@bryden.apana.org.au> Cc: <questions@freebsd.org> Sent: Wednesday, November 29, 2000 12:41 AM Subject: Re: SSH setup / RSA keys > Doug Young <dougy@bryden.apana.org.au> types: > > "man ssh" says "The user creates his/her RSA key pair blah blah blah > > ..... then copy the identity.pub to some directory on > > the remote machine." Now thats all very well if the remote machine > > happens to be another unix box, but where on earth does > > one find a "HOME/.ssh/authorized_keys" file or directory in a Windows > > system ???????? > > That will depend on TERATERM. Check it's documentation. > > SSH can be used in a mode that doesn't require user keys (just host > keys) on both ends. It sets up an encrypted channel and you do the > password query/response over that. You should get that if you don't > have a key. I don't use TERATERM on Windows; I use PuTTY, and just > installing then running it gets that mode. > > Oh yeah - please set your mailer to *not* send HTML to this list. > > <mike > > > I get a "fatal: Timeout before authentication for xxx.xxx.xxx.xxx" = > > message from FreeBSD, but I guess thats just the FreeBSD=20 > > system spitting the dummy at a key it doesn't like. > > > > Would someone please enlighten me on just how I go about setting up keys = > > that are acceptable to both FreeBSD & Windows,=20 > > and if theres any sort of hocus pocus is involved in getting the key/s = > > from unix to windows without changing the things. > > > > - ------=_NextPart_000_0921_01C05959.1C090B10 > > Content-Type: text/html; > > charset="iso-8859-1" > > Content-Transfer-Encoding: quoted-printable > > > > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> > > <HTML><HEAD> > > <META http-equiv=3DContent-Type content=3D"text/html; = > > charset=3Diso-8859-1"> > > <META content=3D"MSHTML 5.50.4522.1800" name=3DGENERATOR> > > <STYLE></STYLE> > > </HEAD> > > <BODY bgColor=3D#ffffff> > > <DIV><FONT face=3DArial size=3D2>I'm trying to configure SSH login to a = > > 4.2 RELEASE=20 > > system from various Windows machines. It certainly appears to be a = > > </FONT></DIV> > > <DIV><FONT face=3DArial size=3D2>step forward in securing servers from = > > the moron=20 > > element that gets its thrills from wanton vandalism, however as with = > > most=20 > > </FONT></DIV> > > <DIV><FONT face=3DArial size=3D2>new things in unix the = > > documentation quite=20 > > sparse as far as explaining </FONT></DIV> > > <DIV><FONT face=3DArial=20 > > size=3D2>"exactly_how_do_I_do_this_from_scratch_when_I_ only_first=20 > > _stumbled_across_ the beast_an_hour_ago"</FONT></DIV> > > <DIV><FONT face=3DArial size=3D2></FONT> </DIV> > > <DIV><FONT face=3DArial size=3D2>I've installed "TeraTerm" in the = > > Windows systems,=20 > > (complete with the SSH patch), and its sorta talking to unix (its got no = > > > > problem</FONT></DIV> > > <DIV><FONT face=3DArial size=3D2>with regular telnet = > > login), </FONT><FONT=20 > > face=3DArial size=3D2>but I've obviously not understood something = > > </FONT><FONT=20 > > face=3DArial size=3D2>about this private / public keys stuff because it = > > refuses to=20 > > </FONT></DIV> > > <DIV><FONT face=3DArial size=3D2>accept either the <FONT = > > face=3DArial=20 > > size=3D2>private </FONT></FONT><FONT face=3DArial size=3D2><FONT = > > face=3DArial size=3D2>or=20 > > the public keys that I copied from the FreeBSD /home/username=20 > > directory. </FONT> </FONT></DIV> > > <DIV><FONT face=3DArial size=3D2></FONT> </DIV> > > <DIV><FONT face=3DArial size=3D2>"man ssh" says "The user creates = > > his/her RSA key=20 > > pair blah blah blah ..... then copy the identity.pub to some = > > directory on=20 > > </FONT></DIV> > > <DIV><FONT face=3DArial size=3D2>the remote machine." Now thats = > > all very well=20 > > if the remote machine happens to be another unix box, but where on = > > earth=20 > > does</FONT></DIV> > > <DIV><FONT face=3DArial size=3D2>one find a "HOME/.ssh/authorized_keys" = > > file or=20 > > directory in a </FONT><FONT face=3DArial size=3D2>Windows system = > > ????????=20 > > </FONT></DIV> > > <DIV><FONT face=3DArial size=3D2></FONT> </DIV> > > <DIV><FONT face=3DArial size=3D2>I get a "fatal: Timeout before = > > authentication for=20 > > xxx.xxx.xxx.xxx" message from FreeBSD, but I guess thats just the = > > FreeBSD=20 > > </FONT></DIV> > > <DIV><FONT face=3DArial size=3D2>system spitting </FONT><FONT = > > face=3DArial size=3D2>the=20 > > dummy at a key it doesn't like.</FONT></DIV> > > <DIV><FONT face=3DArial size=3D2></FONT> </DIV> > > <DIV><FONT face=3DArial size=3D2>Would someone please enlighten me on = > > just how I go=20 > > about setting up keys that are acceptable to both FreeBSD & Windows, = > > > > </FONT></DIV> > > <DIV><FONT face=3DArial size=3D2>and if theres any sort of hocus = > > pocus is=20 > > involved in getting the key/s from unix to windows without changing the=20 > > things.</FONT></DIV></BODY></HTML> > > > > - ------=_NextPart_000_0921_01C05959.1C090B10-- > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > > -- > Mike Meyer http://www.mired.org/home/mwm/ > Independent WWW/Unix/FreeBSD consultant, email for rates. > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?005101c05980$330e6040$837e03cb>