[lug] Windows/PuTTY and Linux SSH Key Pair Compatibility

Drew Kelling akelling at gmail.com
Thu Jan 10 10:49:15 MST 2019 

I have been working with Microsoft's ssh client and scp client for a
project(Migrating auth from FreeIPA to Active Directory auth) I am working
on at work. I have not seen any issues with it in my testing and
integration with PowerShell
https://github.com/PowerShell/Win32-OpenSSH/releases

Might be something for you to consider using instead of using Putty


On Sat, Dec 29, 2018 at 2:21 PM D. Stimits <stimits at comcast.net> wrote:

>
> On December 29, 2018 at 12:47 PM David Leonard <david at appliedtrust.com>
> wrote:
>
> Attempting to respond from mobile and having formatting issues. This
> should convert the public key:
>
> ssh-keygen -i -f keyfile.pub > newkeyfile.pub
>
> I'll give this a try...I'm guessing the "-m" can be skipped and the key
> will remain the same other than being a correct single line format...I
> won't be able to see if this actually works until next week, but I am
> thinking this will work and be safer than me doing it with vi.
>
>
> On Saturday, December 29, 2018, D. Stimits < stimits at comcast.net> wrote:
>
> Yes, this is how he did it...I'm tempted to try putting it in the OpenSSL
> format through copy and paste now that you mention the possibility. It's
> kind of hard to give instructions when I'm on my Linux box somewhere else
> while he's on Windows. My fear with experimenting has been with loss of
> access if I do it wrong, but I think if it is unwound and in the right
> format, then the worst that could go wrong is that the key wouldn't work
> for him (unwinding it from the weird format would remove comments and any
> Windows EOL...at worst it would be a harmless failure).
>
>
> I do see a Bitvise client, and tried one out briefly...I'm thinking of
> having him use that instead due to it being more GUI and less command line,
> along with it having import/export features (where import seems to
> understand different key formats). He could just set a local home to a
> Windows folder, and the remote home to the right place on the Linux
> server...and he could drag-n-drop without searching through manually typed
> directories. I haven't figured out how he'd do that with PuTTY on Windows.
> Looks like Bitvise could just import any format of key and then export in
> its own format (which looks more OpenSSL).
>
> On December 28, 2018 at 4:26 PM Dan Mackin < dan.mackin at gmail.com> wrote:
>
> Sounds like the user clicked the "Save public key" button in the Putty
> KeyGen app instead of selecting and copying the text in the public key box
> at the top. See the attached screenshot.
>
> <sarcasm> I mean, I don't know why folks would think they should click the
> "Save public key" button to get a copy of their public key... </sarcasm>
>
> On Fri, Dec 28, 2018 at 2:22 PM D. Stimits < stimits at comcast.net> wrote:
>
> I'm trying to find out what is possible for copying a Windows-generated
> RSA public key (puttygen) to a Linux server. I do not have physical access,
> and I have my own key set up since I personally only use Linux to log in,
> but need to add a login for another user...and that user is using Windows.
> The trouble is that the public key is not what I expected...it is
> multi-line, it contains other comment, so on. It looks more like an email
> PGP key, but ignoring actual body content, this is the format:
>
> ---- BEGIN SSH2 PUBLIC KEY ----
> Comment: "rsa-key-20181228"
> ABC...cut...TEn
> DEF...cut...HHN
> ghi...cut...W2L
> JkL...cut...YYB
> XYZ...cut...srW
> Foo...cut...Bar
> ---- END SSH2 PUBLIC KEY ----
>
>
> So far as I know, the Linux style ".ssh/authorized_keys" would use a
> single line, and I am guesing that simply concatenating that content like
> an OpenSSH style single key might break it. I could have other ssh logins
> ready before doing this, so it isn't 100% that breaking this would lock me
> out, but I'd rather hear from someone who has done this before what the
> correct way is.
>
>
> Or, if there are comments on whether alternates to PuTTY (e.g., WinSCP)
> have worked out when a Windows user needs to occasionally copy a file to a
> Linux server (mostly just PDF files to a document directory). My goal is to
> have the Windows user with a single ssh key and keyless login.
>
>
> Thanks!
>
>
> ______________________________ _________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>
> ______________________________ _________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>
>
>
> --
> David W. Leonard - AppliedTrust - 303.245.4509<br>
> https://appliedtrust.com/david<br><br>AppliedTrust is the Professional
> Services arm of Peak10 + Viawest.
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20190110/e48f91b2/attachment.html>

More information about the LUG mailing list