From owner-freebsd-questions@FreeBSD.ORG Thu Feb 2 00:41:26 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 65DEA16A420 for ; Thu, 2 Feb 2006 00:41:26 +0000 (GMT) (envelope-from youshi10@u.washington.edu) Received: from mxout1.cac.washington.edu (mxout1.cac.washington.edu [140.142.32.134]) by mx1.FreeBSD.org (Postfix) with ESMTP id 649D643D45 for ; Thu, 2 Feb 2006 00:41:25 +0000 (GMT) (envelope-from youshi10@u.washington.edu) Received: from smtp.washington.edu (smtp.washington.edu [140.142.33.9]) by mxout1.cac.washington.edu (8.13.5+UW05.10/8.13.5+UW05.09) with ESMTP id k120fOxr017628 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Wed, 1 Feb 2006 16:41:24 -0800 X-Auth-Received: from [128.208.7.218] (pinocchio.dyn.cs.washington.edu [128.208.7.218]) (authenticated authid=youshi10) by smtp.washington.edu (8.13.5+UW05.10/8.13.5+UW05.09) with ESMTP id k120fNH1005449 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Wed, 1 Feb 2006 16:41:24 -0800 Mime-Version: 1.0 (Apple Message framework v746.2) In-Reply-To: <1138840380.6221.253333657@webmail.messagingengine.com> References: <1138676399.30955.253148220@webmail.messagingengine.com> <20060131094135.GA2042@flame.pc> <1138836616.370.253326484@webmail.messagingengine.com> <5ceb5d550602011604p45bf08dfx21e972f44736f879@mail.gmail.com> <1138840380.6221.253333657@webmail.messagingengine.com> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <87F5D068-6A46-4966-8D71-11D9ECF86C80@u.washington.edu> Content-Transfer-Encoding: 7bit From: Garrett Cooper Date: Wed, 1 Feb 2006 16:42:40 -0800 To: FreeBSD Questions X-Mailer: Apple Mail (2.746.2) X-Uwash-Spam: Gauge=IIIIIII, Probability=7%, Report='__CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __HAS_MSGID 0, __HAS_X_MAILER 0, __MIME_TEXT_ONLY 0, __MIME_VERSION 0, __SANE_MSGID 0' Subject: Re: SSH with Public Key Authentication (Was: Re: Attention: Giorgos Keramidas (Was: CVS Import Permissions)) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Feb 2006 00:41:26 -0000 On Feb 1, 2006, at 4:33 PM, david bryce wrote: > On Thu, 2 Feb 2006 01:04:19 +0100, "Daniel A." > said: >>> Thanks again for taking the time to reply. I have tried using SSH in >>> the past, and got stuck setting up the public key login (that's >>> why we're using pserver). >>> >>> I spent a few hours yesterday trying to get SSH going again. I can >>> login with SSH from the windows machine using Putty, but only when >>> I use password authentication. In order to use cvs with ssh (using >>> the plink program in Putty), we must use public key authentication. >>> >>> We are getting a 'Key Refused' error when trying to use public key >>> authentication. I have tried doing several things including editing >>> the /etc/ssh/sshd_config file: >> >> Try one or more of the following things: >> - Use puttygen to import your private key, and then export as .ppk >> - Load your key.ppk into pageant, and let it manage your private >> key(s) >> - Log in using your private key from the server (ie. login to the >> server with your password, and then from the shell ssh >> username@localhost). >> >> Please inform me of your results. > > Daniel, > > Thank you for taking the time to reply. > > We are currently using pageant to manage the private key. However, > the keys we are using are generated with puttygen (not from the > server). The public key was then copied to the authorized_keys > file on the server. Would you recommend generating the keys on > the server? Do you have an idea where are some instructions > about how to generate the keys on the server? Thanks! > > Regards, > > DB > > -- > david bryce > davidbryce@fastmail.fm > > -- > http://www.fastmail.fm - The way an email service should be Can you login using any key in the authorized_keys file? Also, what's the umask for authorized keys (ls -l .ssh/authorized_keys)? -Garrett