Upgraded SSH Public Key Authorization on FC4 Not Working - SSH

This is a discussion on Upgraded SSH Public Key Authorization on FC4 Not Working - SSH ; Hi Folks, I've read the comp.security.ssh faq and I'm still confused. It appeared that the default ssh that wsa installed by the FC4 distro was version 1. Since the FAQ pretty much dissed anything below version 2.20, I upgraded to ...

+ Reply to Thread
Results 1 to 9 of 9

Thread: Upgraded SSH Public Key Authorization on FC4 Not Working

  1. Upgraded SSH Public Key Authorization on FC4 Not Working

    Hi Folks,

    I've read the comp.security.ssh faq and I'm still confused.

    It appeared that the default ssh that wsa installed by the
    FC4 distro was version 1. Since the FAQ pretty much dissed
    anything below version 2.20, I upgraded to version 3.2.9.1
    via ftp://ftp.ssh.com/pub/ssh.

    I then followed the FAQ question 4.5 to attempt to get
    user public key authentication to work. However, where
    it says:

    In remote_host (this is the host where you want to connect to): Add the following line to file ~/.ssh2/authorization:

    key id_dsa_1024_a.pub #or whatever is your pub keys name

    I wasn't sure what to put for "key". I presumed it was just a string that
    needed to match the "idkey" field on the local host, from the following:

    In local_host (this is the host you want to connect from): Add the following line to ~/.ssh2/identification:

    idkey id_dsa_1024_a #or whatever is your private keys name

    However, after completing these steps, I do not get password-free authentication.

    What am I doing wrong? Any help would be greatly appreciated.
    --
    % Randy Yates % "And all that I can do
    %% Fuquay-Varina, NC % is say I'm sorry,
    %%% 919-577-9882 % that's the way it goes..."
    %%%% % Getting To The Point', *Balance of Power*, ELO
    http://home.earthlink.net/~yatescr

  2. Re: Upgraded SSH Public Key Authorization on FC4 Not Working

    I should add that I did upgrade ssh and sshd on both the local
    and remote computers. Also note that these two systems are
    both FC4, and are on an internal private network (192.168.1.x).
    Not that FC4 required it, but I also rebooted each system before
    attempting the test.
    --
    % Randy Yates % "With time with what you've learned,
    %% Fuquay-Varina, NC % they'll kiss the ground you walk
    %%% 919-577-9882 % upon."
    %%%% % '21st Century Man', *Time*, ELO
    http://home.earthlink.net/~yatescr

  3. Re: Upgraded SSH Public Key Authorization on FC4 Not Working

    >>>>> "RY" == Randy Yates writes:

    RY> Hi Folks, I've read the comp.security.ssh faq and I'm still
    RY> confused.

    RY> It appeared that the default ssh that wsa installed by the FC4
    RY> distro was version 1.

    This would be OpenSSH. I very much doubt the FC4 included OpenSSH v1.
    Perhaps you're referring to protocol version 1.

    RY> Since the FAQ pretty much dissed anything
    RY> below version 2.20, I upgraded to version 3.2.9.1 via
    RY> ftp://ftp.ssh.com/pub/ssh.

    You didn't upgrade; you replaced one implementation of SSH with a
    completely different one.

    --
    Richard Silverman
    res@qoxp.net


  4. Re: Upgraded SSH Public Key Authorization on FC4 Not Working

    "Richard E. Silverman" writes:

    >>>>>> "RY" == Randy Yates writes:

    >
    > RY> Hi Folks, I've read the comp.security.ssh faq and I'm still
    > RY> confused.
    >
    > RY> It appeared that the default ssh that wsa installed by the FC4
    > RY> distro was version 1.
    >
    > This would be OpenSSH. I very much doubt the FC4 included OpenSSH v1.
    > Perhaps you're referring to protocol version 1.


    Yes, I meant protocol version 1.

    > RY> Since the FAQ pretty much dissed anything
    > RY> below version 2.20, I upgraded to version 3.2.9.1 via
    > RY> ftp://ftp.ssh.com/pub/ssh.
    >
    > You didn't upgrade; you replaced one implementation of SSH with a
    > completely different one.


    And so how does this knowledge help me get auto-authentication working?
    --
    % Randy Yates % "Rollin' and riding and slippin' and
    %% Fuquay-Varina, NC % sliding, it's magic."
    %%% 919-577-9882 %
    %%%% % 'Living' Thing', *A New World Record*, ELO
    http://home.earthlink.net/~yatescr

  5. Re: Upgraded SSH Public Key Authorization on FC4 Not Working

    Richard E. Silverman wrote:
    >>>>>> "RY" == Randy Yates writes:

    >
    >> Hi Folks, I've read the comp.security.ssh faq and I'm still
    >> confused.

    >
    >> It appeared that the default ssh that wsa installed by the FC4
    >> distro was version 1.

    >
    > This would be OpenSSH. I very much doubt the FC4 included OpenSSH v1.
    > Perhaps you're referring to protocol version 1.
    >
    >> Since the FAQ pretty much dissed anything
    >> below version 2.20, I upgraded to version 3.2.9.1 via
    >> ftp://ftp.ssh.com/pub/ssh.

    >
    > You didn't upgrade; you replaced one implementation of SSH with a
    > completely different one.


    Which FAQ is this, anyway?

    And different implementations of SSH have different default locations for
    their host keys, and installing a tarball on top of an RPM installed
    implementation is just begging to leave bits behind or bits out of sync.



  6. Re: Upgraded SSH Public Key Authorization on FC4 Not Working

    >>>>> "RY" == Randy Yates writes:

    RY> "Richard E. Silverman" writes:
    >>>>>>> "RY" == Randy Yates writes:

    >>

    RY> Hi Folks, I've read the comp.security.ssh faq and I'm still
    RY> confused.
    >>

    RY> It appeared that the default ssh that wsa installed by the FC4
    RY> distro was version 1.
    >> This would be OpenSSH. I very much doubt the FC4 included OpenSSH
    >> v1. Perhaps you're referring to protocol version 1.


    RY> Yes, I meant protocol version 1.

    RY> Since the FAQ pretty much dissed anything below version 2.20, I
    RY> upgraded to version 3.2.9.1 via ftp://ftp.ssh.com/pub/ssh.
    >> You didn't upgrade; you replaced one implementation of SSH with a
    >> completely different one.


    RY> And so how does this knowledge help me get auto-authentication
    RY> working?

    Well, for starters you probably want to uninstall Tectia (the ssh.com
    software you installed) and use OpenSSH, unless you're planning to
    purchase their software. You've mistaken the protocol version you happen
    to be using (which can be changed by simple configuration) with the
    software version.

    --
    Richard Silverman
    res@qoxp.net


  7. Re: Upgraded SSH Public Key Authorization on FC4 Not Working

    "Nico Kadel-Garcia" writes:

    > Richard E. Silverman wrote:
    >>>>>>> "RY" == Randy Yates writes:

    >>
    >>> Hi Folks, I've read the comp.security.ssh faq and I'm still
    >>> confused.

    >>
    >>> It appeared that the default ssh that wsa installed by the FC4
    >>> distro was version 1.

    >>
    >> This would be OpenSSH. I very much doubt the FC4 included OpenSSH v1.
    >> Perhaps you're referring to protocol version 1.
    >>
    >>> Since the FAQ pretty much dissed anything
    >>> below version 2.20, I upgraded to version 3.2.9.1 via
    >>> ftp://ftp.ssh.com/pub/ssh.

    >>
    >> You didn't upgrade; you replaced one implementation of SSH with a
    >> completely different one.

    >
    > Which FAQ is this, anyway?


    http://www.employees.org/~satch/ssh/faq/ssh-faq.html



    I just read the revision history for this FAQ, which states the
    last revision was 5 years ago. Doh!



    This is the top choice from

    http://www.employees.org/~satch/ssh/faq/

    which is the top search result from Google:

    http://www.google.com/search?hl=en&q...=Google+Search

    > And different implementations of SSH have different default locations for
    > their host keys, and installing a tarball on top of an RPM installed
    > implementation is just begging to leave bits behind or bits out of sync.


    I was simply trying to follow the instructions in the FAQ, which essentially
    I interpreted to say "throw away all protocol 1 versions and any older
    protocol 2 versions and install the latest/greatest protocol 2 version."
    --
    % Randy Yates % "My Shangri-la has gone away, fading like
    %% Fuquay-Varina, NC % the Beatles on 'Hey Jude'"
    %%% 919-577-9882 %
    %%%% % 'Shangri-La', *A New World Record*, ELO
    http://home.earthlink.net/~yatescr

  8. Re: Upgraded SSH Public Key Authorization on FC4 Not Working

    "Richard E. Silverman" writes:

    >>>>>> "RY" == Randy Yates writes:

    >
    > RY> "Richard E. Silverman" writes:
    > >>>>>>> "RY" == Randy Yates writes:
    > >>

    > RY> Hi Folks, I've read the comp.security.ssh faq and I'm still
    > RY> confused.
    > >>

    > RY> It appeared that the default ssh that wsa installed by the FC4
    > RY> distro was version 1.
    > >> This would be OpenSSH. I very much doubt the FC4 included OpenSSH
    > >> v1. Perhaps you're referring to protocol version 1.

    >
    > RY> Yes, I meant protocol version 1.
    >
    > RY> Since the FAQ pretty much dissed anything below version 2.20, I
    > RY> upgraded to version 3.2.9.1 via ftp://ftp.ssh.com/pub/ssh.
    > >> You didn't upgrade; you replaced one implementation of SSH with a
    > >> completely different one.

    >
    > RY> And so how does this knowledge help me get auto-authentication
    > RY> working?
    >
    > Well, for starters you probably want to uninstall Tectia (the ssh.com
    > software you installed) and use OpenSSH, unless you're planning to
    > purchase their software.


    The "Tectia" licensing states that you can use their software for
    non-commercial or student use. That's what I am - a grad student.

    I also believe I read somewhere that openSSH was a bit behind the
    curve, so I concluded that, while openSSH was heading in the right
    direction, the "better" software install at the current time was
    Tectia.

    > You've mistaken the protocol version you happen
    > to be using (which can be changed by simple configuration) with the
    > software version.


    Was there some way to avoid that mistake?
    --
    % Randy Yates % "Maybe one day I'll feel her cold embrace,
    %% Fuquay-Varina, NC % and kiss her interface,
    %%% 919-577-9882 % til then, I'll leave her alone."
    %%%% % 'Yours Truly, 2095', *Time*, ELO
    http://home.earthlink.net/~yatescr

  9. Re: Upgraded SSH Public Key Authorization on FC4 Not Working


    "Randy Yates" wrote in message
    news:m3irktzmlz.fsf@ieee.org...

    > I also believe I read somewhere that openSSH was a bit behind the
    > curve, so I concluded that, while openSSH was heading in the right
    > direction, the "better" software install at the current time was
    > Tectia.


    Because of its open source licensing, OpenSSH is vastly better supported and
    integrated in the Linux world. The commercial have some features OpenSSH
    does not, such as what I think is better chroot handling, but for most use
    the general availability and broader installed base along with free tools
    makes using OpenSSH a no-brainer.

    >> You've mistaken the protocol version you happen
    >> to be using (which can be changed by simple configuration) with the
    >> software version.

    >
    > Was there some way to avoid that mistake?


    Not without a bit of digging, and the knowledge that the protocol numbers
    have little to do with the software version numbers.



+ Reply to Thread