[lug] Windows/PuTTY and Linux SSH Key Pair Compatibility

D. Stimits stimits at comcast.net
Sat Dec 29 14:21:09 MST 2018


> On December 29, 2018 at 12:47 PM David Leonard <david at appliedtrust.com> wrote:
> 
>     Attempting to respond from mobile and having formatting issues. This should convert the public key:
> 
>     ssh-keygen -i -f keyfile.pub > newkeyfile.pub
> 

I'll give this a try...I'm guessing the "-m" can be skipped and the key will remain the same other than being a correct single line format...I won't be able to see if this actually works until next week, but I am thinking this will work and be safer than me doing it with vi.


>     On Saturday, December 29, 2018, D. Stimits < stimits at comcast.net mailto:stimits at comcast.net > wrote:
> 
>         > > 
> >         Yes, this is how he did it...I'm tempted to try putting it in the OpenSSL format through copy and paste now that you mention the possibility. It's kind of hard to give instructions when I'm on my Linux box somewhere else while he's on Windows. My fear with experimenting has been with loss of access if I do it wrong, but I think if it is unwound and in the right format, then the worst that could go wrong is that the key wouldn't work for him (unwinding it from the weird format would remove comments and any Windows EOL...at worst it would be a harmless failure).
> > 
> > 
> >         I do see a Bitvise client, and tried one out briefly...I'm thinking of having him use that instead due to it being more GUI and less command line, along with it having import/export features (where import seems to understand different key formats). He could just set a local home to a Windows folder, and the remote home to the right place on the Linux server...and he could drag-n-drop without searching through manually typed directories. I haven't figured out how he'd do that with PuTTY on Windows. Looks like Bitvise could just import any format of key and then export in its own format (which looks more OpenSSL).
> > 
> >             > > > On December 28, 2018 at 4:26 PM Dan Mackin < dan.mackin at gmail.com mailto:dan.mackin at gmail.com > wrote:
> > > 
> > >             Sounds like the user clicked the "Save public key" button in the Putty KeyGen app instead of selecting and copying the text in the public key box at the top. See the attached screenshot.
> > > 
> > >             <sarcasm> I mean, I don't know why folks would think they should click the "Save public key" button to get a copy of their public key... </sarcasm>
> > > 
> > >             On Fri, Dec 28, 2018 at 2:22 PM D. Stimits < stimits at comcast.net mailto:stimits at comcast.net > wrote:
> > > 
> > >                 > > > > 
> > > >                 I'm trying to find out what is possible for copying a Windows-generated RSA public key (puttygen) to a Linux server. I do not have physical access, and I have my own key set up since I personally only use Linux to log in, but need to add a login for another user...and that user is using Windows. The trouble is that the public key is not what I expected...it is multi-line, it contains other comment, so on. It looks more like an email PGP key, but ignoring actual body content, this is the format:
> > > > 
> > > >                     ---- BEGIN SSH2 PUBLIC KEY ----
> > > >                     Comment: "rsa-key-20181228"
> > > >                     ABC...cut...TEn
> > > >                     DEF...cut...HHN
> > > >                     ghi...cut...W2L
> > > >                     JkL...cut...YYB
> > > >                     XYZ...cut...srW
> > > >                     Foo...cut...Bar
> > > >                     ---- END SSH2 PUBLIC KEY ----
> > > > 
> > > > 
> > > >                 So far as I know, the Linux style ".ssh/authorized_keys" would use a single line, and I am guesing that simply concatenating that content like an OpenSSH style single key might break it. I could have other ssh logins ready before doing this, so it isn't 100% that breaking this would lock me out, but I'd rather hear from someone who has done this before what the correct way is.
> > > > 
> > > > 
> > > >                 Or, if there are comments on whether alternates to PuTTY (e.g., WinSCP) have worked out when a Windows user needs to occasionally copy a file to a Linux server (mostly just PDF files to a document directory). My goal is to have the Windows user with a single ssh key and keyless login.
> > > > 
> > > > 
> > > >                 Thanks!
> > > > 
> > > > 
> > > >                 ______________________________ _________________
> > > >                 Web Page:  http://lug.boulder.co.us
> > > >                 Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > > >                 Join us on IRC:http://irc.hackingsociety.org port=6667 channel=#hackingsociety
> > > > 
> > > >             > > >             ______________________________ _________________
> > >             Web Page: http://lug.boulder.co.us
> > >             Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > >             Join us on IRC:http://irc.hackingsociety.org port=6667 channel=#hackingsociety
> > > 
> > >         > > 
> >     > 
> 
>     --
>     David W. Leonard - AppliedTrust - 303.245.4509<br> https://appliedtrust.com/david<br><br>AppliedTrust is the Professional Services arm of Peak10 + Viawest.
>     _______________________________________________
>     Web Page: http://lug.boulder.co.us
>     Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>     Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20181229/2f292e3b/attachment.html>


More information about the LUG mailing list