SSH2 and key files - WeOnlyDo Discussion board

SSH2 and key files (General questions)

by chrisfleming, Monday, September 12, 2005, 18:46 (7015 days ago)

I am new to SSH and have basically no knowledge of it. I have created the code to connect to a server, execute a command and retrieve the response. This works fine and I am able to display the output on my aspx page. I am now trying to use a public/private key pair with SSH2, but am completely lost on how it all works. I am successfully generating a DSA key. Now for the questions:
1. Does the key I generate first need to be loaded on the server I will connect to? I believe I read this somewhere.
2. I have the F-Secure client installed and am able to connect with it. I tried loading the key file from it but get an error that it cannot be loaded. I am not sure what file to use from F-Secure. I have 2 key files with my id: one has no extension (private key), the other has a .pub extension (public key), but there are also public keys from the server. Which key file is the one I would load?
3. Do I need to generate the file every time I connect or can I just keep reusing the one previously generated?
Here is my code so far. Any help would be much appreciated, or just a link to good reference material on SSH2.

Currently the code fails when trying to load the file
'Creates DSA Key for SSH
Public Function SSHMakeKey() As WeOnlyDo.Security.Cryptography.KeyManager
    Dim km As WeOnlyDo.Security.Cryptography.KeyManager = New WeOnlyDo.Security.Cryptography.KeyManager

    km.Generate(SSHKeyTypes.DSAKey, 2048)
    km.Save(SSHKeyTypes.DSAKey, "d:\temp.dsa", "password")
    km.Load(km.PublicKeyOpenSSH(WeOnlyDo.Security.Cryptography.SSHKeyTypes.DSAKey), "password")
    Return km
End Function


Re: SSH2 and key files

by wodSupport, Monday, September 12, 2005, 19:41 (7015 days ago) @ chrisfleming

Chris,

let me try to answer your questions:

1. Does the key I generate first need to be loaded on the server I will connect to? I believe I read this somewhere.

When you generate your own private key, you need to extract its public key part (you can do that using wodKeyManager's PublicKeySSH and PublicKeyOpenSSH properties) and paste it into the appropriate file on the server. That makes sure that only you have the corresponding private key for the public key you pasted. If this step didn't exist, then basically anyone who generates his key would be able to connect.

2. I have the F-Secure client installed and am able to connect with it. I tried loading the key file from it but get an error that it cannot be loaded. I am not sure what file to use from F-Secure. I have 2 key files with my id: one has no extension (private key), the other has a .pub extension (public key), but there are also public keys from the server. Which key file is the one I would load?

Unfortunately, we cannot reuse F-Secure keys; you must generate new ones. So, generate it, get the public part, and paste it in the same place on the server where you did it last time for your existing key. I think the F-Secure help file will tell you where exactly to paste it.

3. Do I need to generate the file every time I connect or can I just keep reusing the one previously generated?

No, do this only once, and then load it from the file. If you regenerated a new key, then you would have to paste the public key to the server each time. Once you paste one public key, use only the corresponding private key each time you connect.


Currently the code fails when trying to load the file...
km.Save(SSHKeyTypes.DSAKey, "d:\temp.dsa", "password")
km.Load(km.PublicKeyOpenSSH(WeOnlyDo.Security.Cryptography.SSHKeyTypes.DSAKey), "password")

Set the first parameter in the Load method to the key name, iow set it to d:\temp.dsa, and it should work.

Let me know how it goes.
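
The two points from the reply combined, as an added example that is not part of the original thread or WeOnlyDo's own code: the key is loaded by file name, and it is generated only when no key file exists yet. It uses only the KeyManager calls that appear in the thread; the module, function and parameter names are assumptions.

```vbnet
Imports System.IO
Imports WeOnlyDo.Security.Cryptography

' Hypothetical helper module (names are assumptions, not WeOnlyDo API).
Public Module SshKeyHelper

    ' Returns a KeyManager holding the DSA private key stored at keyPath.
    ' The key pair is created on the first call only; later calls reuse it,
    ' so the public key has to be installed on the server just once.
    Public Function LoadOrCreateKey(ByVal keyPath As String,
                                    ByVal password As String) As KeyManager
        Dim km As New KeyManager()

        If File.Exists(keyPath) Then
            ' Normal case: Load takes the key FILE NAME as its first
            ' parameter, not the public key text.
            km.Load(keyPath, password)
        Else
            ' First run: generate the pair and save the private key,
            ' protected by the password, for all later connections.
            km.Generate(SSHKeyTypes.DSAKey, 2048)
            km.Save(SSHKeyTypes.DSAKey, keyPath, password)
        End If

        Return km
    End Function

    ' The public half is the only part that is pasted on the server.
    ' The private key file at keyPath never leaves the client machine.
    Public Function PublicKeyForServer(ByVal km As KeyManager) As String
        Return km.PublicKeyOpenSSH(SSHKeyTypes.DSAKey)
    End Function

End Module
```

Pass the password in from configuration rather than a literal in source, and keep the key file in a directory that only the account running the web application can read.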