I generated a keys with putty w/ no passphrase. putty works fine, but now i installed cygwin and would like to use ssh to login. For some reason i'm prompted for a passphrase? why? putty just logs straight in? i don't want to have to generate a new key and annoy the network admins. here is what it looks like in cygwin:
$ ssh -i Documents\ and\ Settings/xxxxx/My\ Documents/xxxxx\ putty\ keys/private\ key.ppk dev.xxxxxx.com
Enter passphrase for key 'Documents and Settings/xxxxx/My Documents/xxxxx putty keys/private key.ppk':
Permission denied (publickey).
Putty uses its own .ppk format for keyfiles, and Cygwin's ssh probably can't read them correctly.
Solution: convert the .ppk file to OpenSSH key format with puttygen.exe.
You need to get "puttygen.exe" from the putty webpage http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html to convert your key to the OpenSSH format. Then it should just work.
If you can login with putty, there is no need to "annoy the network admins". Just generate a new key with cygwin, then login with putty and place your new public key in your .ssh/authorized_keys file. You should now be able to login with cygwin's ssh.
EDIT:
By the way, a sure way to "piss off" any admin is to use unencrypted keys.
You can export PuTTY keys to OpenSSH format and append them to your .ppk file, so that it becomes a valid key for ssh-add.
Just export the private key with PuTTYGen then add it to the .ppk file, then you should be able to ssh-add it. But note that when you edit the .ppk itself with PuTTYGen, it will ovewrite the file.
You can also use a script like this for adding a .ppk file into your SSH agent:
file=~/`basename $0`.tmp
trap "rm -v $file" EXIT
echo -n "Password: "
read -s pwd
echo $pwd | puttygen -P -q -O private-openssh $1 -o $file
ssh-add $file
Source: http://bazaar.launchpad.net/~renatosilva/+junk/scripts/view/head:/ppk-add.sh
Related
I am trying to connect a Linux machine from Windows using passwordless SSH connection. I generated the keys using PuTTYgen in the Windows machine and copied the keys to the Linux machine appropriately.
From the command prompt of windows I could access passwordless using the below command:
ssh user#ipaddress
When I use Plink, if I issue the below command the passwordless connection is going through:
plink user#ipaddress -i <path to private ppk>
My question here is: in case I use plink -batch option, where does the private key file will be picked from if I don't mention -i option?
In other words, which is the default location of ppk file which Plink is looking for?
For example:
plink -batch user#ipaddress
Plink does not have any default location for private keys.
What you should do instead, is load the private key into Pageant (PuTTY authentication agent).
i have a server which is access remote connection only with SSH key auth
i have a key which is stored in my home directory with .pem extension
but when im trying to copy file using the scp command
scp /home/myfilewhichiwannatocopy core#54.32.14.156:/home/core the server asks for password but i don't have it ( btw normal connection using the ssh -i /.ssh/mg.service.pem core#54.32.14.156 fully works) and how to make the scp command for using the key auth?
scp -i /path/to/key.pem somefile.txt user#<machine>:/path
Might I also add, you can consult the man pages https://linux.die.net/man/1/scp
I want to copy big files from one linux server(SLES11) to another(SunOS) via bash scripting. I dont want to have a password promt so I used ssh-keygen to generate key about this connection.These are the steps I followed:
ssh-keygen -t rsa -b 2048
ssh-copy-id -i /home/username/.ssh/id_rsa.pub swtrans#111.111.111.111
ssh -i id_rsa.pub swtrans#111.111.111.111
After this scp command still requests password.
I am not 'root' user in both servers.
I changed permissions to 700 to the .ssh directory and 640 to the file authorized_keys in the remote server.
ssh -i id_rsa.pub swtrans#111.111.111.111
The -i argument accepts the private key, not the public one. You should use
ssh -i id_rsa swtrans#111.111.111.111
If it will not help, please provide the errors you can see in the server log and in the client
I want to change my remote server SSH. Currently I login through a .pem file
ssh -l ubuntu -i .ssh/myfile.pem XX.XX.XXX.XXX
I tried to find how to change that access key but I found only that methor :
ssh-keygen -t rsa -b 2048
cp id_rsa.pub authorised_keys
scp authorized_keys ubuntu#XX.XX.XXX.XXX:/home/ubuntu/.ssh
I see no .pem file generated, plus how can I connect now ?
I want to make sure before I do anything so I don't lose ability to connect via SSH.
Should I remove the old key with :
ssh-keygen -R hostname
If yes, when ? after or before the scp ? if after this will remove both keys, if before then I wouldn't be able to perform scp !!!
I am a bot confused.
I see no .pem file in my remote, the pem file is only in my local .ssh folder. in remote .ssh I see :
With "ssh-keygen" command you generate a pair of public and private keys (by default stored in $HOME/.ssh).
Then you copy the public key in your remote server, and the private key in your local client (with permissions 0600). You can use "ssh-add" command to add the private key to the authentication agent to be able to connect to the remote server.
I'm learning Ansible, in a setup document : http://docs.ansible.com/intro_getting_started.html
It says if I don't want to enter password every time, I can do :
$ ssh-agent bash
$ ssh-add ~/.ssh/id_rsa
I did it, but how come I still have to enter password every time ?
Then it says "you may wish to use Ansible’s --private-key option", but I can't find any document on that. Whay's that for and how to do it ?
I'm not sure about Ansible, but I know a bit about how ssh keys work
When you generate a new SSH key with the ssh-keygen command (which by default goes to the ~/.ssh/id_rsa file), it asks you to put in a passphrase(password)
Whenever you use that key, it will ask you for that passphrase.
If you create a new key with
$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): /home/YOUR_USERNAME/.ssh/id_rsa_nopass
Enter passphrase (empty for no passphrase): [just press enter, don't type anything]
Enter same passphrase again: [just press enter again]
This will create both an id_rsa_nopass private key file, and an id_rsa_nopass.pub public key file in the directory you chose (/home/user/.ssh)
You should then be able to use the following command, assuming ansible is set up to use your ssh keys correctly
$ ssh-add ~/.ssh/id_rsa_nopass
NOTE: Using an ssh key without a passphrase can be dangerous, as anybody can access your device and connect without knowing your password. If you don't mind this, then a no-passphrase ssh key is a good way to avoid typing a password everyone
edit: Just looked into Ansible a bit, it's basic setup is just to run a command on an ssh server, right?
In which case, you may need to add your public key to whichever server you are connecting to, this can usually be done via the command
ssh-copy-id -i /path/to/your/public/key/file yourname#yourserver.com -p your_server's_ssh_port
For example, to authorize the id_rsa_nopass key from earlier to the account foobar on the server example.org, with ssh port 10022 you would do
ssh-copy-id -i ~/.ssh/id_rsa_nopass.pub foobar#example.org -p 10022
This will prompt you for the password to foobar#example.org, upon filling in the password it will authorize that public key to connect to that server, and since id_rsa_nopass has no passphrase, you should now be able to connect without any password prompt