Problem Solved! The issue was that I scp'd the public key file generated by puttygen to the ~/.ssh/authorized_keys file and didn't copy-n-paste the public displayed by puttygen into a blank authorized_keys file. It appears that OpenSSH requires that public keys in the authorized_keys file be all in one long line vs. being wrapped the way puttygen does when saving public/private keys. So the next question is: how do you store *multiple* public keys in ~/.ssh/authorized_keys? Do subsequent keys get simply appended to the existing, thus creating one *very* long line? Or does each public key start on its own line? - Christopher -----Original Message----- From: Cowles, Steve [mailto:steve@xxxxxxxxxxxxxxx] Sent: Tuesday, November 11, 2003 6:49 PM To: 'redhat-list@xxxxxxxxxx' Subject: RE: PuTTY SSH w/o a Password L. Christopher Luther wrote: > PuTTY's docs would lead one to believe that OpenSSH supports either > RSA or DSA for SSH2. In any event, I am using DSA keys now (RSA was > tried first), and now the ~/.ssh/authorized_keys file now has a mode > of 600. I, however, still get the "Server refused our key" message. > > I'm think I need more that a "luck genie" -- maybe divine > intervention. > Personally, I don't like using null passphrases. I prefer to use ssh-agent/ssh-add -or- pageant.exe if using Putty from a windows based client. Nonetheless, I just created a null passphrase key and successfuly logged in (without being prompted for a passphrase) using this key. This was on a RH9 based system running openssh-3.5p1-11. Example: 1) Using puttygen, I created a 1024 bit ssh2 dsa based key. Did not enter a passphrase. 2) Cut/paste the open ssh public key that is shown at the top of the puttygen dialog box to the ssh server in my ~/.ssh/authorized_keys2 file. 3) Saved the private key to the putty directory as id_dsa1.PPK 4) Started putty.exe and loaded the session profile I setup for this server and changed the private key file (under SSH->AUTH) to use the null passphrase key saved in step 3. 5) Connect to ssh server. That's it!!! Hope this helps Steve Cowles -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
