Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Using existing keys

from [Antony Gelberg] Network Security [Permanent Link]
Subject: Using existing keys
Date: Fri, 04 Feb 2005 10:01:53 +0000 
Hi all,

We'd like to use certificates to ssh between machines in our network.
The machines concerned already have X.509 certificates and private keys
for use with openswan, and we would like to re-use these for ssh rather
than generate new ones with ssh-keygen.

I think all the files are in the right places (id_rsa, id_rsa.pub on the
client, and a copy of the client public key in authorized_keys2).
According to the server debug, there is a problem with the client public
key in authorized_keys2.  This was generated from the public key withthe
command openssl rsa -in privatekey.pem -pubout > publickey.pem

I generated a keypair with ssh_keygen for comparison purposes and there
is a noticable difference in the format as follows.

openssl-generated public key:

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4qgs3e4dyFv5jPawn8iWjPmJT
sJ7NCyadt2nKB35mJp5evWlfrbILDSk0NqOjAiA/aDOcrH/QeCto8gzYOapv7KYd
Lb0cfsnz+qhdgBucLC7ZguyTyrfomreaRTPyxEof5/VOOQiAVYby+y9wdNXws+Xd
tIqUfvQ2df4kJIEaxQIDAQAB
-----END PUBLIC KEY-----

ssh-keygen public key:

ssh-rsa
AAAAB3NzaC1yc2EAAAABIwAAAIEA9Ue+YGFwbpVML+4pbGcYS8rsO0xNbT3uXTJNAs2M2KN7KZLZF6ATjzgzrPe3f0f9QIqarqylxmdH4Lkg1Fv4YtxzNdr4J0iiHBULJ9WlBXz1ax2F/tRocG8Yx7GX3JpGqd9FzcA24kC9gahb99/2rJLadGRRsO4rT20hf+zt4+8= 

root@geddy

How can I get sshd to work with the former style of public key, or is
there any other workaround?  We're using 3.8.1 on Linux at both ends.

Antony

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: AllowGroups and ldap, Tay, Gary
Next by Date:  Re: Problem compiling openssh 3.9p1 on HP-UX 10.20, Greg Wooledge
Previous by Thread:  Problem compiling openssh 3.9p1 on HP-UX 10.20, peter . kielbasiewicz
Next by Thread:  Re: Using existing keys, Roumen Petrov
Indexes:  [Date] [Thread] [Top] [All Lists]