Welcome to the VanDyke Software Forums

Join the discussion today!


Go Back   VanDyke Software Forums > General

Reply
 
Thread Tools Display Modes
  #1  
Old 04-26-2006, 10:35 AM
balubeto balubeto is offline
Registered User
 
Join Date: Apr 2006
Posts: 4
SecureCRT 5.1.0 , SSH2 and key

HI

On my Linux server (Debian Etch Testing), I have installed and configured a OpenSSH server (with protocol 2) that only allows the access to those users who have only their public key.

How I must make to make so that also the users, that they use the SecureCRT 5.1.0 client, can access my OpenSSH server only using their public key?

THANKS

BYE
__________________
Balubeto
Reply With Quote
  #2  
Old 04-26-2006, 01:45 PM
tnygren's Avatar
tnygren tnygren is offline
Registered User
 
Join Date: May 2005
Posts: 1,408
Hi Balubeto,

To set up PublicKey authentication on your OpenSSH server using a key pair generated by SecureCRT, you would just need to follow these steps after receiving the public key file from the SecureCRT user. These steps were written for the end user to perform the upload on their own but do have information on how to copy the information from the public key file so that OpenSSH will use it.

Code:
1.   Log on to the remote SSH2 server using SSH2 and password authentication The process of verifying that an individual truly is who he or she claims to be. Supplying a password is a very common method of authentication. The most secure method of authentication supported in SecureCRT is public-key authentication. See also: identity file, public-private key pair..

2.   On the local machine, use Notepad.exe to open the Identity.pub file that was created with the Key Generation wizard.

3.   With the Identity.pub file opened in the Notepad application, open the Edit menu and choose Select All. Once everything is selected, open the Edit menu again and select Copy.

4.   On the remote machine, complete the following steps:

a.    % cat > ~/.ssh/identity.pub

b.   Click on the SecureCRT paste button    to paste the contents of the Clipboard (which should now contain the contents of your Identity.pub file).

c.   Issue a CTRL+D to close the Identity.pub file.

d.   Convert the key to one that OpenSSH will recognize using the following command: 

For OpenSSH 2.5 and earlier, use:

% ssh-keygen -X -f ~/.ssh/identity.pub >> ~/.ssh/authorized_keys2 

For OpenSSH 2.9 and later, use:

% ssh-keygen -i -f ~/.ssh/identity.pub >> ~/.ssh/authorized_keys2 

e.   Ensure that you are the only user with permissions to write to the Identity.pub file.

Note: As of version 3.0, OpenSSH has made some file name changes. The following files:

/etc/ssh_known_hosts2
~/.ssh/known_hosts2
~/.ssh/authorized_keys2

are now obsolete. You now should use, respectively:

/etc/ssh_known_hosts
~/.ssh/known_hosts
~/.ssh/authorized_keys

For backward compatibility ~/.ssh/authorized_keys2 will still be used for authentication and host keys are still read from the known_hosts2. However, those deprecated files are considered "read only". Future releases are likely not to read these files.
Does this information help?
__________________
Thanks,

Teresa

Teresa Nygren
Reply With Quote
  #3  
Old 04-27-2006, 09:34 AM
balubeto balubeto is offline
Registered User
 
Join Date: Apr 2006
Posts: 4
With this method, I would find again myself to having always the private key and that public in the Client that would serve to me in order to access the OpenSSH Server. I, but, wanted to know if a way existed for which the Client had only the public key.

THANKS

BYE
__________________
Balubeto
Reply With Quote
  #4  
Old 04-27-2006, 09:57 AM
tnygren's Avatar
tnygren tnygren is offline
Registered User
 
Join Date: May 2005
Posts: 1,408
Hi Balubeto,

If I understand correctly, you are wondering if the client can authenticate to the SSH2 server if they only have the public key.

Is that correct?

If so, the client must have both the public and private keys in order to authenticate to the server. The server would only need to have the information from the public key.

If that was not correct, could you tell me more about how the setup is configured?
__________________
Thanks,

Teresa

Teresa Nygren
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 07:33 PM.