jpetter
asked on
Problem with key authentication OpenSSH client to Reflection SSH server
Hi,
I'm trying to setup SSH on all of our new scanners, and since much of what we do is scripted, I need to setup the keys so that they do not use passwords. I have this working fine on the scanners we have running on Linux since it's OpenSSH connecting to OpenSSH. Where I'm having problems is on the scanners we have running on Windows servers, which are running "Reflection_14.0.851, SSH protocols 1.5/2.0, Reflection SSC Crypto Module 1.0.170".
I'm using a MacBook Pro running OS X 10.8 for my client side, which is running "OpenSSH_5.9p1, OpenSSL 0.9.8r 8 Feb 2011". My client side is setup in ~/.ssh, and here is what that looks like:
$ ls -l .ssh
total 24
-rw------- 1 xxxxxxx staff 1675 Aug 28 12:36 id_rsa
-rw-r--r-- 1 xxxxxxx staff 405 Aug 28 12:36 id_rsa.pub
-rw-r--r-- 1 xxxxxxx staff 410 Aug 28 13:46 known_hosts
The keys were created using ssh-keygen -t rsa on the client, and the password and confirmation were blank. I then copied my public key to one of the Windows scanners. I followed the Reflection documentation for my SSH setup on the Win box. This is where I suspect something went wrong, but I can't figure out where. On the Win host, I created ~/.ssh2 and used Cygwin to chmod the directory to 700. My public key I had copied to my home directory, and I ran this command to convert the key to the Reflection format, and get it into the ~/.ssh2 directory. ssh-keygen -e -f id_rsa.pub > .ssh2/id_rsa_r.pub. I then created the file ~/.ssh2/authorization. The contents of authorization is:
Key id_rsa_r.pub.
When I try to connect to this host from my Mac, I am still getting prompted for a password, so I know something isn't right.
If anyone can provide any insight, or help into what I need to do to get this working correctly, I would greatly appreciate it. Here are links to the Reflection documents I used:
http://docs.attachmate.com/reflection/rsit-ssh/7.1sp2/unix/en/man-pages/ssh-keygen_man_page.htm
http://support.attachmate.com/techdocs/1932.html#Converting_the_public_key
Any and all help is greatly appreciated.
Thanks,
I'm trying to setup SSH on all of our new scanners, and since much of what we do is scripted, I need to setup the keys so that they do not use passwords. I have this working fine on the scanners we have running on Linux since it's OpenSSH connecting to OpenSSH. Where I'm having problems is on the scanners we have running on Windows servers, which are running "Reflection_14.0.851, SSH protocols 1.5/2.0, Reflection SSC Crypto Module 1.0.170".
I'm using a MacBook Pro running OS X 10.8 for my client side, which is running "OpenSSH_5.9p1, OpenSSL 0.9.8r 8 Feb 2011". My client side is setup in ~/.ssh, and here is what that looks like:
$ ls -l .ssh
total 24
-rw------- 1 xxxxxxx staff 1675 Aug 28 12:36 id_rsa
-rw-r--r-- 1 xxxxxxx staff 405 Aug 28 12:36 id_rsa.pub
-rw-r--r-- 1 xxxxxxx staff 410 Aug 28 13:46 known_hosts
The keys were created using ssh-keygen -t rsa on the client, and the password and confirmation were blank. I then copied my public key to one of the Windows scanners. I followed the Reflection documentation for my SSH setup on the Win box. This is where I suspect something went wrong, but I can't figure out where. On the Win host, I created ~/.ssh2 and used Cygwin to chmod the directory to 700. My public key I had copied to my home directory, and I ran this command to convert the key to the Reflection format, and get it into the ~/.ssh2 directory. ssh-keygen -e -f id_rsa.pub > .ssh2/id_rsa_r.pub. I then created the file ~/.ssh2/authorization. The contents of authorization is:
Key id_rsa_r.pub.
When I try to connect to this host from my Mac, I am still getting prompted for a password, so I know something isn't right.
If anyone can provide any insight, or help into what I need to do to get this working correctly, I would greatly appreciate it. Here are links to the Reflection documents I used:
http://docs.attachmate.com/reflection/rsit-ssh/7.1sp2/unix/en/man-pages/ssh-keygen_man_page.htm
http://support.attachmate.com/techdocs/1932.html#Converting_the_public_key
Any and all help is greatly appreciated.
Thanks,
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I blew everything away, started from scratch, and now it's working. The only thing I did differently was to create a 2048 bit key rather than the default 1024 bit one. Since you're the only one to respond, you've got the points, FWIW. Thanks.
ASKER