Tuesday, July 28, 2009

SSH and RSA Auth using Putty and MAC

    To allow access to a remote system for a given identity place the public key in your ~/.ssh/authorized_keys file on that remote system. All keys listed in that file are allowed access.

    Say you want to connect from your Mac to the Linux Server (Athena) as root using RSA Key Authentication. On Mac under the ~ataran/.ssh you need to do a ssh-keygen -t rsa and create the pub, priv keys with a secret passphrase. Then take this pub key from the Mac and add it to the ~root/.ssh/authorized_keys. Then from MAC you can do ssh     root@athena and you will be prompted to enter the secret passphrase.

    Now back to the other question of how to use Putty-based RSA public-key with OpenSSH server on Athena. The public-key generated by Puttygen is not compatible with the one generated by OpenSSH. However, you can manually modify the Putty-based public key before appending it to authorized_keys file on Athena.

  • ssh to your Linux server using the loginid and password

  • chmod 700 ~/.ssh folder

  • chmod 600 ~/.ssh/authorized_keys

  • ssh-keygen -t dsa
    (or rsa; accept the file names it wants to use, enter a strong passphrase)
  • Open Puttygen (Putty Key Generator), click Generate button and move the mouse cursor randomly within the key section/frame to create the key with default settings (e.g. SSH-2 RSA of 1024 bits).
  • When the key generation completes, create a strong passphrase in the text box provided.
  • Then, click save Public Key and Save Private Key button, one after another, to save the pair of key to local hard disk.
  • Transfer the Puttygen-created public key to the linux server. Let’s say this public key is only meant for root user account, append the contents of this public key in ~root/.ssh/authorized_keys file.
  • On the Linux Server open the authorized_keys file with vi editor and delete the lines initial with four dash and “Comment”. Join the remain lines into one, single line. Initial that single line with ssh-rsa keyword (a space at the end).
  • NOW change your putty settings under "connection > SSH > auth" to use privatekey.ppk
  • NOW try and connect using Putty SSH (root@athena) and enter the passphrase when prompted



Related Posts

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)