Putty doesn't work with Easy RSA keys

banderas20

New Member
Credits
97
Hello,

I have generated a public/private key pair with Easy RSA. I have placed the public key in ~/.ssh/authorised_keys and I'm trying to connect via SSH.
Then I copy the private key into my windows host and open up Putty. I go to Connection --> SSH --> Auth and Browse for the private key.
However, when I click OPEN, nothing happens. If I try "Putty Gen Generator" to convert the format, "Import key" says "Unrecognized Key Format".

¿Why is that so? ¿Isn't it a standard?

Thanks!
 


atanere

Well-Known Member
Credits
0
Hmmm, well, again... not something I'm very familiar with, but I find a lot of YouTube videos describing making the SSH connections as you desire. One of these might clue you in as to what is missing. As to a "standard".... there seem to be many. This link is not far outdated (using PuTTy 0.68 while current is now 0.70)... and it details 5 types of keys that PuTTy will accept from among 2 different protocols (SSH-1 and SSH-2). Your Easy RSA key may be acceptable and you just aren't configuring this correctly, or perhaps you do have a conflict with keys and/or protocols. Why not use PuTTY to generate the key... rather than try convert your Easy RSA key format?

Especially read section 8.2.12 Dealing with private keys in other formats in the above link. It may explain better... and it doesn't seem to show compatibility with Easy RSA with the SSH-2 protocol (nor does it say they are incompatible... but your error indicates that may be the case).

Cheers
 

banderas20

New Member
Credits
97
Hmmm, well, again... not something I'm very familiar with, but I find a lot of YouTube videos describing making the SSH connections as you desire. One of these might clue you in as to what is missing. As to a "standard".... there seem to be many. This link is not far outdated (using PuTTy 0.68 while current is now 0.70)... and it details 5 types of keys that PuTTy will accept from among 2 different protocols (SSH-1 and SSH-2). Your Easy RSA key may be acceptable and you just aren't configuring this correctly, or perhaps you do have a conflict with keys and/or protocols. Why not use PuTTY to generate the key... rather than try convert your Easy RSA key format?

Especially read section 8.2.12 Dealing with private keys in other formats in the above link. It may explain better... and it doesn't seem to show compatibility with Easy RSA with the SSH-2 protocol (nor does it say they are incompatible... but your error indicates that may be the case).

Cheers
Hello atanere.

I have generated the key pair with Easy RSA to setup an VPN following OpenVPN tutorials. Thus I tried to use these same keys instead of generating more. Maybe is as you say, and it's not that "standard". I'll keep on trying.

Thanks for answering!

Cheers!
 

Rob

Administrator
Staff member
Credits
129
I'm not familiar with how putty works, but from a linux standpoint in its simplest form, steps would be:

Client machine:
ssh-keygen

It creates two files:
id_rsa (private)
id_rsa.pub (public)

You'd put the contents of id_rsa.pub in the server machine's ~/.ssh/authorized_keys file, also making sure that the .ssh folder and the authorized_keys file are chmod to 600 permissions.

I'd assume you'd want to put the contents of id_rsa into putty somewhere, or it may have somewhere that you can specify a path to the id_rsa file.

Of course going further, you can use flags with the ssh-keygen command to do things like change output file names, change from rsa to dsa (or other), change the complexity of the hash, etc...
 

banderas20

New Member
Credits
97
I'm not familiar with how putty works, but from a linux standpoint in its simplest form, steps would be:

Client machine:
ssh-keygen

It creates two files:
id_rsa (private)
id_rsa.pub (public)

You'd put the contents of id_rsa.pub in the server machine's ~/.ssh/authorized_keys file, also making sure that the .ssh folder and the authorized_keys file are chmod to 600 permissions.

I'd assume you'd want to put the contents of id_rsa into putty somewhere, or it may have somewhere that you can specify a path to the id_rsa file.

Of course going further, you can use flags with the ssh-keygen command to do things like change output file names, change from rsa to dsa (or other), change the complexity of the hash, etc...
I guessed I should go that way. Thanks for the explanation! :)
 


Members online

No members online now.

Top