Recipe 6.7 Authenticating by Public Key (SSH2 Client, OpenSSH Server)

6.7.1 Problem

You want to authenticate between an SSH2 client (SSH Secure Shell from SSH Communication Security) and an OpenSSH server by public key.

6.7.2 Solution

Create an SSH2 private key on the client machine, if one doesn't already exist, and install it by appending a line to ~/.ssh2/identification:

 $ mkdir -p ~/.ssh2                                       If it doesn't already exist $ chmod 700 ~/.ssh2 $ cd ~/.ssh2 $ ssh-keygen2                                            Creates id_dsa_1024_a $ echo "IdKey id_dsa_1024_a" >> identification     (Appending)

Copy its public key to the OpenSSH server machine:

$ scp2 id_dsa_1024_a.pub remoteuser@remotehost:.ssh/

Log into the OpenSSH server host and use OpenSSH's ssh-keygen to import the public key, creating an OpenSSH format key: [Recipe 6.6]

$ ssh2 -l remoteuser remotehost Password: ******** remotehost$ cd ~/.ssh remotehost$ ssh-keygen -i > imported-ssh2-key.pub Enter file in which the key is (/home/smith/.ssh/id_rsa): id_dsa_1024_a.pub

Install the new public key by appending a line to ~/.ssh/authorized_keys:

remotehost$ cat imported-ssh2-key.pub >> authorized_keys   (Appending)

Log out and log back in using the new key:

remotehost$ exit $ ssh2 -l remoteuser remotehost

6.7.3 Description

Recall that SSH2 uses the identification file as explained in the sidebar, SSH-2 Key File Formats.

6.7.4 See Also

ssh-keygen(1), ssh-keygen2(1).