I have a Windows Vista with a secure connection to my Centos server, using SSH pair keys. I would like to use the same .PPK on iMac. I have used PuttyGen to create .PEM extension but it is not working.
I also created a new pair keys on iMac and appended the .PUB to the know_host file on Centos server. But this one is not working either.
Can anyone please walk me through trouble shooting? Thanks!
SSH doesn't use .PEM or .PPK files. For SSH keypairs you should have two files, a private key (id_rsa) and a public key (id_rsa.pub).
The id_rsa file is the one on your Mac (or Windows Vista PC) and the id_rsa.pub file's contents should be copied to the file authorized_keys, NOT known_hosts on your CentOS server.
The location of the authorized_keys file on the CentOS server will be in:
~/.ssh
Another option would be to generate a new SSH keypair on the Mac. You can find instructions on how to do this here:
https://www.digitalocean.com/community/tutorials/how-to-connect-to-your-droplet-with-ssh
Related
I want to change my remote server SSH. Currently I login through a .pem file
ssh -l ubuntu -i .ssh/myfile.pem XX.XX.XXX.XXX
I tried to find how to change that access key but I found only that methor :
ssh-keygen -t rsa -b 2048
cp id_rsa.pub authorised_keys
scp authorized_keys ubuntu#XX.XX.XXX.XXX:/home/ubuntu/.ssh
I see no .pem file generated, plus how can I connect now ?
I want to make sure before I do anything so I don't lose ability to connect via SSH.
Should I remove the old key with :
ssh-keygen -R hostname
If yes, when ? after or before the scp ? if after this will remove both keys, if before then I wouldn't be able to perform scp !!!
I am a bot confused.
I see no .pem file in my remote, the pem file is only in my local .ssh folder. in remote .ssh I see :
With "ssh-keygen" command you generate a pair of public and private keys (by default stored in $HOME/.ssh).
Then you copy the public key in your remote server, and the private key in your local client (with permissions 0600). You can use "ssh-add" command to add the private key to the authentication agent to be able to connect to the remote server.
I have the droplet on the digital ocean. I have tried to add ssh key to existing droplet. But there they asked for root password and I don't have root password. I have tried to connect to the droplet through the putty. It is giving message : Unable to use key "home/id_rsa" (OpenSSH SSH-2 private key). How to connect to droplet using ssh key? And What is the proper way to connect to the droplet? Is there any way to add ssh key to the existing droplet?
I registered few of the SSH keys for different PCs, so my method is that
1.) Use another pc to login eg.bash (ssh root#yourDropletIP)
2.) Go to your .ssh folder (/.ssh)
3.) Use nano or other text editor to open (nano .ssh/authorized_keys)
4.) Added your new machine ssh-keys to end of the file (notice: check is any empty space between keys, if so, delete it.
5.) Use your new machine to log in and enjoy!!!
I have to hack around this process.
Copy your existing SSH key from local machine to a keys.txt file and push to Github.
pbcopy < ~/.ssh/id_rsa.pub
Clone the file to Digital Ocean server and copy to authorized_keys.
cat keys.txt > authorized_keys
You can reset root password at digital ocean's website.
This function appear at your droplet's "Access" tab.
And you can follow this article to get access to your droplet using ssh-key
https://www.digitalocean.com/community/tutorials/how-to-use-ssh-keys-with-putty-on-digitalocean-droplets-windows-users
This may be useful for anyone else who is using Windows with PuTTY.
Change the sshd_config file - set the PasswordAuthentication entry to yes, restart sshd, then login to the droplet via PuTTY.
Copy your public ssh key to the clipboard in Windows. In the PuTTY console, paste the key into the authorized_keys file with a text editor (nano).
Go back into the sshd_config and set PasswordAuthentication back to no.
Restart sshd, logout. Login via PuTTY without a password.
References:
https://www.digitalocean.com/community/tutorials/how-to-use-ssh-keys-with-putty-on-digitalocean-droplets-windows-users
https://www.digitalocean.com/community/tutorials/how-to-create-ssh-keys-with-putty-to-connect-to-a-vps
One thing I would add is that if you are on Windows 10 (not sure about previous versions), you can go to the MS store, install the Ubuntu shell, and run the "ssh-copy-id" command there. That worked for me.
I'm new to Amazon web services and have managed to set up an instance.
I already have the ssh directory on my machine at: /usr/bin/ssh
I have also downloaded a Pem key file to my machine and have tried to copy my Pem key file into that directory but I cannot navigate to it. When I try:
cd /usr/bin/ssh
I get:
-bash: cd: /usr/bin/ssh: Not a directory
When I just try to type the command:
ssh
I get the following:
BEGIN: command not found
: command not found2: MIIEpAIBAAKCAQEAu6JORnapcVdvAwPm+6LVBA3n8chlGU4nE0g9nyD8zSDWlATJpf1Td35tPrxj
: No such file or directory
can anyone help with this?
I'm on OSX Lion 10.8.4 if that helps!
Your problem appears to be related to configuring the ssh keys. First, some clarifications:
/usr/bin/ssh is not a directory, it is the actual secure shell program. Do not modify it. (If you have already destroyed your ssh installation, you would need to restore the installation: http://support.apple.com/kb/PH10763).
ssh will use a public and a private key (keypair) to authenticate. The private key should be stored locally on your computer, generally in the .ssh folder inside your home directory (~/.ssh)
You may have generated the keypair yourself, or have gotten one generated by AWS.
I will assume your .pem file is the private key portion of the keypair, and that you have downloaded that from AWS after following a procedure along the lines of: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-to-have-aws-create-the-key-pair-for-you.html.
In that case, you need to simply:
copy the .pem file into your ~/.ssh directory.
rename it to id_rsa
ensure that you have correctly set permissions for the private key and .ssh directory (ssh is picky), typically 600 for the id_rsa file and 700 for the .ssh directory.
initiate the ssh connection via ssh username#host
i have my access key, secret key, and the downloaded cert pem file.
i understand SSH requires a private key file in order to establish a terminal SSH connection to my instance.
what i did find through Google is that i need to use puttygen to convert my cert pem file into a private key file:
http://www.techrepublic.com/blog/datacenter/connect-to-amazon-ec2-with-a-private-key-using-putty-and-pageant/5085
however, all the instructions i found are based on a GUI puttygetn and i only have the CL version because i am running Linux Fedora 16 on my laptop. i did yum PuTTy, which came with a GUI but puttygen only has a CL version. what i tried to do in puttygen is as follows:
>puttygen cert-***.pem -o default.pem
puttygen: error loading `cert-***.pem': file does not begin with OpenSSH key header
can anybody point what i am doing wrong and how i can use CL puttygen to convert my cert file to a private key file that is usable by SSH to connect to my instances?
thanks in advance
If you are running Linux at the command line, why are you needing to make a ppk with puttygen? Basically the keypair you get from AWS IS in pem format suitable for using in ssh command line.
So if you saved your .pem file from Amazon as /path/to/aws.pem, all you need to do is
ssh -i /path/to/aws.pem user#hostname.com
The ssh private key is completely different from the X.509 certificate and private key. It's a little confusing because folks often save the ssh private key generated by EC2 in a ".pem" file just like the cert and pk use.
You can't convert or use the X.509 certificate or private key for ssh as you tried to do.
You can generate an ssh private key (sometimes called a "keypair") through Amazon EC2 on the AWS console or through the AWS command line tools (ec2-add-keypair). If you are using Putty, you may still need to convert to PPK format as your referenced article describes, but you are converting the ssh key .pem file, not the X.509 private key or certificate.
If you know how to generate your own ssh key locally (or have already done so) then I recommend doing this and uploading the ssh public key to EC2.
When you run an EC2 instance, you then specify the ssh keypair name so that EC2 makes the ssh public key available to the instance, letting you securely ssh in to your new server.
Is there a way to convert PEM files to PPK files? (you may guess that Amazon EC2 gives me a PEM file, and I need to use the PPK format for SSH connectivity).
Use PuTTYGen
Creating and Using SSH Keys
Overview
vCloud Express now has the ability to create SSH Keys for Linux servers. This function will allow the user to create multiple custom keys by selecting the "My Account/Key Management" option. Once the key has been created the user will be required to select the desired SSH Key during the “Create Server” process for Linux.
Create and Use SSH Keys
Create keys
Navigate to “My Account”
Select “Key Management”
Create New Key.
During the key creation process you will be prompted to download your private key file in .PEM format. You will not be able to download the private key again as it is not stored in vCloud Express.
The “Default” checkbox is used for the API.
Deploy server and select key
Connect
SSH (Mac/Linux)
Copy .PEM file to the machine from which you are going to connect.
Make sure permissions on .PEM file are appropriate (chmod 600 file.pem)
Connect with ssh command: ssh vcloud#ipaddress –i privkey.pem
Putty (Windows)
Download Putty and puttygen from - here
Use puttygen to convert .PEM file to .PPK file.
Start puttygen and select “Load”
Select your .PEM file.
Putty will convert the .PEM format to .PPK format.
Select “Save Private Key” A passphrase is not required but can be used if additional security is required.
Connect with Putty.
Launch Putty and enter the host IP address. If connecting to the 10.X private address you must first establish an SSL VPN connection.
Navigate to Connection/SSH/Auth
Click “Browse” and select the .PPK file you exported from puttygen.
Click “Open.” When connection comes up enter username (default is vcloud).
Instructions copied from here
I'm rather shocked that this has not been answered since the solution is very simple.
As mentioned in previous posts, you would not want to convert it using C#, but just once. This is easy to do with PuTTYGen.
Download your .pem from AWS
Open PuTTYgen
Click "Load" on the right side about 3/4 down
Set the file type to *.*
Browse to, and Open your .pem file
PuTTY will auto-detect everything it needs, and you just need to click "Save private key" and you can save your ppk key for use with PuTTY
Enjoy!
If you have Linux machine just install puttygen in your system and use use below command to convert the key
pem to ppk use below command:
puttygen keyname -o keyname.ppk
Below command is use to convert ppk to pem not pem to ppk
puttygen filename.ppk -O private-openssh -o filename.pem
Download puttygen
Then open puttygen
click load
Set the file type to . all files
Save PrivateKey
and then u can just save any name that file became an ppk file
To SSH connectivity to AWS EC2 instance, You don't need to convert the .PEM file to PPK file even on windows machine, Simple SSH using 'git bash' tool. No need to download and convert these softwares - Hope this will save your time of downloading and converting keys and get you more time on EC2 things.
Convert .pem file to .ppk for Windows 10
You need to do following:
1. Download PuTTYGen with Pageant.
2. Press "load" button and select your ".pem" file.
3. Press "save private key" button and save your ".ppk" file.
4. Open Pageant and press "add key" button. Just all. Keep running Pageant in background.
5. Now login through SSH or SFTP without selecting password field.
Save YourPEMFILE.pem to your .ssh directory
Run puttygen from Command Prompt
a. Click “Load” button to “Load an existing private key file”
b. Change the file filter to “All Files (.)
c. Select the YourPEMFILE.pem
d. Click Open
e. Puttygen shows a notice saying that it Successfully imported foreign key. Click OK.
f. Click “Save private key” button
g. When asked if you are sure that you want to save without a passphrase entered, answer “Yes”.
h. Enter the file name YourPEMFILE.ppk
i. Click “Save”
PuTTYgen for Ubuntu/Linux and PEM to PPK
sudo apt install putty-tools
puttygen -t rsa -b 2048 -C "user#host" -o keyfile.ppk
I used a trial version of ZOC Terminal Emulator and it worked. It readily accepts the Amazon's *.pem files.
The trick is though, that you need to specify "ec2-user" instead of "root" for the username - despite the example shown in the EC2 console, which is wrong! ;-)
sudo yum install putty
sudo apt-get install putty-tools
To convert your .pem file to a .ppk file
sudo puttygen pemKey.pem -o ppkKey.ppk -O private
To convert a .ppk file to a .pem file
sudo puttygen ppkkey.ppk -O private-openssh -o pemkey.pem
I had the same issue with PuttyGen not wanting to import an openSSH private key. I tried everything and what I found out was the old version of PuttyGen did not support importing OpenSSH. Once I downloaded the latest Putty, puttygen then allowed it to import the openssh private key just fine. I now have a hole in the side of my desk for pounding my head against it for the past hour.