Can't SSH using PUTTY and PUBKEY

Gilhin · 6. Juli 2014

Hi @all,

I'd like to use a pubkey file instead of a password to log into the console of my OMV 0.6.
To do so, I have created a keypair using PuttyGen. Furthermore, I created a .ssh folder in the home directory of the user who should be able to log-in (yes, he is in the ssh group and uses /bin/bash) and copied the pub-keyfile to ~/.ssh/authorized_keys.
Finally, I added this line

Code

AuthorizedKeysFile %h/.ssh/authorized_keys

in the WebGUI of OMV. When trying to ssh to my OMV using the private keyfile via Putty, I just get a

"Server refused our key".
Seemingly I am doing something wrong or missing something - but I can't find out what it is...
Thank you for your suggestions,
bg,

Gilhin

davidh2k · 6. Juli 2014

You need to edit the ssh config file to allow key authentifcation.

Greetings
David

Gilhin · 6. Juli 2014

The ssh_config or the sshd_config?

The sshd_config alread has enabled RSA and PubKeyFile - that doesn't solve the problem.
The ssh_config only had the possibility to uncomment "RSA autentication" - unfortuntely without any success.
Or am I getting you wrong?
Thx,

Gilhin

davidh2k · 6. Juli 2014

Can't look it up right now, will get back to you tomorrow.

Greetings
David

Gilhin · 6. Juli 2014

Thanks for your help,
read you by tomorrow.

bg,

Gilhin

tekkb · 7. Juli 2014

I'm thinking it is issue with his ownership or chmod. Read this:

https://macnugget.org/projects/publickeys/

Gilhin · 7. Juli 2014

I read and set the rights according to the linked article.
Unfortuntely, my VPN connection is mixed up at the moment so that I can't check whether it works or not.
I'll try and give you a feedback latest by tonight.
Thanks for your support,
bg,

Gilhin

Gilhin · 7. Juli 2014

I was able to test it earlier than expected.
Unfortunately, that did not do the trick.
Any other suggestions?
Thank you in advance,

bg,

Gilhin

SerErris · 30. Juli 2014

You can run a debug session like this here:
http://sfxpt.wordpress.com/201…d-server-configuration-2/

It uses a second sshd bound to another port (222). To use it, you need to setup putty to use a different port than the standard port (222) and then you can see on the console of your OMV the debug output of ssh.

I tried it and beyond mistyping the authorized_keys name, it worked flawlessly on my 0.5.53.

Maybe you copied the public key from putty gen in to the file and put in some linebreaks or stuff like that? So something wrong with your authorized_keys file.

Also great for bad things is haveing write permissions enabled for group and other on authorized_keys file. Check for chmod 600 on the authorized_keys file.

davidh2k · 30. Juli 2014

As a note: If you use e.g. 'ssh-add ~/.ssh/id_rsa' it will deny the keyfile if the permission of the file isn't restricted to the user only.

Greetings
David

Gilhin · 4. August 2014

Sorry for getting back that late, but I was on a business trip.
I'll do as you proposed and will get back to you on whether it worked (hopefully) or not.

Bg,

Gilhin

latimeria · 14. August 2014

Hi Gilhin,
I suggest you follow this guide: it's for RPi but basically works on all Debian version ( choose Putty link to generate key pairs if you use Putty itself to access your OMV ); this guide worked for me on my Debian machine

http://raspi.tv/2012/how-to-se…-ssh-on-your-raspberry-pi

Jetzt mitmachen!