How to create a key for Putty to connect a Gentoo box

[vibidoo]

Dear All

I would like to use putty from Win-dows to connect my Gentoo box (ssh).

The Gentoo security guide explain prretty well how to create a key if you are on a Linux client .But not for a Win_dows Client

My gentoo seem to be well setup , because the key are loading during the boot .
And I setup the /etc/ssh/sshd_config file as notice on the security guide.


But I don't know how to create a key on a Win_dows system

[xpunkrockryanx]

it should work right out of the box... no need to do anything extra. just open putty, put the ip address in, select ssh (rather than telnet) and hit enter.

if you've tried that, what error is it that you're getting?

-ryan

[vibidoo]

Yes I did

always the same error :

Network error : connection refused

But do I have to log on my Wind system as a root or a wheel user ?

[magnuson]

Are you trying to connect using a password challange or using a public key method? If it's just a standard password then vibidoo is right, and putty should just work. On the other hand if you want to use a dsa key to connect with you need to convert the private key you generated with openssh to a format that putty can understand using puttygen.exe which you can find on the putty website.

putty has extensive documentation on this sort of thing
http://the.earth.li/~sgtatham/putty/0.53b/htmldoc/Chapter8.html#8.2.12

[kashani]

Does your sshd_config contain this line:

[solatis]

When I emerged it, i did /etc/init.d/sshd start and it created the keys on the fly...
_________________
Grtz,

Leon Mergen
http://www.solatis.com/

[vibidoo]

:Kashani:
Yes

I have ListenAddress 127.0.0.1 on /etc/ssh/sshd_config
I will try to comment it out and to restart sshd.

:Solatis:
My problem is not on my gentoo Box ,I guess I have the right key

On /etc/ssh , I have many key file as : ssh_host_dsa_key , ssh_host_dsa_key.pub , ssh_host_rsa_key ssh_host_key_rsa.pub , ssh_host_key ssh_host_key.pub .

My problem is on my wind_ows system , I use it as a client to connect the gentoo , and putty.exe always send me the same error

[vibidoo]

:magnuson:

I downloaded puttytgen to generate public and private keys pair on my Wind-ows system.

Once keys are generated what to do with ?

[Jester]

I'm having a similar problem. I just installed SSH the other day on my Gentoo box, and it was working fine until I rebooted. Now that I've rebooted, it seems not to be working. I tried to SSH in using Putty, and it "actively refused" my connection. So, thinking it was maybe a Putty problem, I tried it from my other Gentoo box. That one got the same error, so of course I'm thinking that there's something wrong with my setup or something....I originally posted the same thing at the last post of this thread

Feel free to answer my other questions...!

[kashani]

[vibidoo]

Kashani

you were right I uncomment

ListenAddress 127.0.0.1

And I can connect to my ssh port

Thanks A lot

[Jester]

Okay, well, I thought the problem was cos the service wasn't starting up at boot, but that's not it....My sshd_config file looks okay, but I'm no expert, either. Here's the important stuff it contains....

[Jester]

Okay, well, actually, I just restored my original sshd_config file, and that made everything okay. It seems that the line giving me the trouble was

[riceboy50]

A point of interest in this discussion is the generation of server keys for your sshd. When I was setting up my sshd I had to read a thread (not sure where anymore) that said to add sshd into the boot runlevel and reboot. The appropriate keys (ones you have uncommented in sshd_config file) will automatically be generated by the runscript. That's how I solved my problem.
_________________
I am logged on therefore I am...

[vibidoo]

Well now I can not identify

root and my wheel user are always access denied

[magnuson]

Is it just those two usernames or can regular user accounts conenct? In any case I would check your /etc/passwd to make sure that those users have default shells defined. That is, after the last colon the should be something like /bin/bash. Like so...

magnuson:x:2537:100::/home/magnuson:/bin/bash

Replace /bin/bash with your favorite shell.

I don't think that this would prevent users in the wheel group from logging in but just for giggles you might also what to check your sshd_config file for the entry PermitRootLogin. It defaults to "yes" so unless you changed it there shouldn't be a problem there.

[vibidoo]

I just have two users for testing

The root and a wheel user .

on etc/passwd I set /bin/bash as shell .

Still have access denied

[Jester]

You may wanna try doing what I did and just rename your current sshd_config file and then restore your default file (provided you didn't just overwrite it) and make settings changes one line at a time, based on what you want to accomplish with it. That way, you can narrow it down to what line specifically is causing the problem. Just a suggestion, though...I'm by no means qualified to say, "This is what you SHOULD DO..." heheheh

[riceboy50]

Here is something to try with your sshd_config:
Comment out every line except the Port, HostKey, and Subsystem lines. Then erase the current server keys and init the runlevel in which sshd resides. By erasing the current keys and restarting sshd from it's runlevel you will regenerate new keys. I also don't claim that this will work, just something to try.
_________________
I am logged on therefore I am...

[doug-x07]

You should also check whether your authorized_keys file is group writeable. If it is sshd will refuse to use it and refuse the connection. So change the permissions if needed.

You can get much more detailed session logging by setting the logging option in putty to Log ssh packet data and by setting in sshd_config LogLevel to VERBOSE or DEBUG. That way you'll get detailed information on why connections are being refused.

Vibidoo are you using public key authentication or just password challenge ?
_________________
#! /usr/bin/perl
if( @first != $succeed ) {
post { $question->forum && eval '$answers' };
try { $again } catch { $problem && $resolve };
bless $posters; }