
Journal snatchitup's Journal: OpenSSH

I finally got through the maze that is Secure Shell.

I finally don't telnet. The funny thing about going the open source route is that there are detours and misdirections along the way - they try to point you to non-free software.

I've got the latest version of OpenSSH.org's server software and I've used both Putty and SecureNetTerm to log into my Linux server from a Windoze box.

The tricky part was getting Protocol 2 going with RSA authentication. There was no HowTo on the net for what I feel is the most common need for a secure shell. That being, logging into your Linux boxen from work where you are in a Windoze environment. Here's the long and the short of it:

1. Upgrade to the latest OpenSSH.org version.

2. Generate the server's keys with ssh-keygen and leave the passphrases blank! Generate them all, RSA1, RSA, and DSA.

3. Run sshd, and it'll give you an error message of what to name these keys and where to put them.

4. Generate your own key type RSA. (This is protocol 2). Copy the one that has extension .pub to $home/.ssh/authorized_keys2

5. chmod 600 $home/.ssh/authorized_keys2
6. chmod 600 $home/.ssh/id_rsa

(id_rsa is your private key file for Protocol 2 RSA.)

7. Get the file id_rsa to your Windows box.

8. Get the latest development version of Putty (Right now, not the latest release, but the latest development version.).

9. Run puttygen.
10. Load the key (id_rsa), it will give you a message that it successfully converted the OpenSSH Private RSA key to putty.
11. Save the private key.

12. Run putty. Go down to "auth" and load the private key file created by puttygen.

13. Look around the configuration and select SSH2, RSA wherever you can, enter the host address etc.

14. Save your settings and away you go.

15. Go back to your Linux box and tighten things up a bit by not allowing password authentication in: /etc/ssh/sshd_config
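
A shell check of steps 5, 6 and 15, added here as an example and not part of the original journal entry: it confirms the key files are mode 600 and that password authentication is really off in sshd_config. The function names and the sample files built in demo() are constructed for illustration; the sshd_config keyword assumed for step 15 is PasswordAuthentication.

```shell
#!/bin/sh
# Added example: audits the hardening points from the steps above.
# Function names and the sample data in demo() are constructed.

# Print the effective global PasswordAuthentication value of an sshd_config.
# sshd keeps the first value it reads for a keyword, keywords are
# case-insensitive, and the default when absent is "yes". Only the global
# section (before the first Match line) is read; Include is not followed.
password_auth_value() {
    awk -F'[ \t=]+' '
        { sub(/^[ \t]+/, "") }
        /^#/ || NF == 0 { next }
        tolower($1) == "match" { exit }
        tolower($1) == "passwordauthentication" { v = tolower($2); gsub(/"/, "", v); exit }
        END { print (v == "" ? "yes" : v) }
    ' "$1"
}

# True when the file exists and its permission bits are exactly rw-------.
is_mode_600() {
    [ -f "$1" ] && [ "$(ls -ld "$1" | cut -c1-10)" = "-rw-------" ]
}

# usage: audit_ssh <sshd_config> <key file>...   (returns 1 on any failure)
audit_ssh() {
    cfg=$1; shift; rc=0
    if [ "$(password_auth_value "$cfg")" = "no" ]; then
        echo "ok: password authentication disabled in $cfg"
    else
        echo "FAIL: password authentication still enabled in $cfg"; rc=1
    fi
    for f in "$@"; do
        if is_mode_600 "$f"; then echo "ok: $f is mode 600"
        else echo "FAIL: $f is missing or not mode 600"; rc=1; fi
    done
    return $rc
}

# Constructed sample: a config where step 15 was only commented in,
# and an authorized_keys2 left world-readable.
demo() {
    d=$(mktemp -d) || return 2
    printf '%s\n' '# constructed sample' 'Port 22' \
        '#PasswordAuthentication no' 'PasswordAuthentication yes' > "$d/sshd_config"
    : > "$d/id_rsa"; chmod 600 "$d/id_rsa"
    : > "$d/authorized_keys2"; chmod 644 "$d/authorized_keys2"
    audit_ssh "$d/sshd_config" "$d/id_rsa" "$d/authorized_keys2"; rc=$?
    rm -rf "$d"; return $rc
}
demo || true
```

On a real host the call would be `audit_ssh /etc/ssh/sshd_config ~/.ssh/id_rsa ~/.ssh/authorized_keys2`, followed by a test login from a second session before closing the first.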
