PuTTY Key Generator saves public key in different format than authorized_keys file
Spent quite a few hours today setting up ssh key authentication on my client and server. Most of that time has been dealing with "Server refused our key" message upon connection. I had generated several private/public key pairs, SSH-2 (RSA) and SSH-2 (DSA), then saved them disk with the "Save public key" and "Save private key" buttons. Finally, I copied the public key file to "authorized_keys" in the ".ssh" directory on the server.
It turned out that the public key file that PuTTY Key Generator created is in a different format than the public key shown in the "Public key for pasting into OpenSSH authorized_keys file:" text box. The following is an example of what needs to go into the "authorized_keys" file (although I splitted the key up into multiple lines for easy reading, everything is on a single line).
The following is what ended up in the public key file generated by PuTTY Key Generator with the "Save public key" button. See the discrepancy? Note that the key is separated into four separate lines.
---- BEGIN SSH2 PUBLIC KEY ----
I don't know what is the purpose of generating the public key in this format and which application understands this format. But the easiest way to get the correct public key into the "authorized_keys" file is to copy-and-paste the public key text in the PuTTY Key Generator window.
But there are situations where you have the public key text file, but no PuTTY Key Generator handy. The easiest way is to convert that public key text file into the correct format by hand. Start the string with "ssh-rsa", or "ssh-dss" if the public key is SSH-2 DSA type. Next copy and concatenate the four public key lines into one line and append it after the starting string. Finally, take the string in quotes, behind "Comment:", and append it to the end of the line. That is the public authentication key useable in "authorized_keys" file.
Thanks a ton for this;
I'm a newbie at Unix systems and TLS/SSL, and have had to learn both for firedrills recently:
Did your message disappear? Read the Forums FAQ.
Spam Control | * indicates required field
TrackBack only accepted from WebSite-X Suite web sites. Do not submit TrackBacks from other sites.
No TrackBacks yet. TrackBack can be used to link this thread to your weblog, or link your weblog to this thread. In addition, TrackBack can be used as a form of remote commenting. Rather than posting the comment directly on this thread, you can posts it on your own weblog. Then have your weblog sends a TrackBack ping to the TrackBack URL, so that your post would show up here.
Messages, files, and images copyright by respective owners.
60 Users Online
Copyright © 2004 - 2018. All Rights Reserved.