On Mon, Jun 12, 2000 at 07:55:00PM +0200, Niels Mvller wrote:
> > My id_dsa.pub file contains:
> >
> > ssh-dss AAAAB3NzaC1kc3 ... V5r8M4rYus0eFHKh5ExA== jbailey@cr499794-a
> >
> > However, ssh-conv appears to be looking for something with some sort of
> > armour around it.
>
> There seems to be some confusion here. Which program created the file
> above?
`ssh-keygen -d' per the ssh-keygen man page.
> The information I got from the openssh folks was that keys were
> stored like
>
> ---- BEGIN SSH2 PUBLIC KEY ----
> Subject: xxx
> Comment: xxx
> AAAA [base-64 stuff]
> ---- END SSH2 PUBLIC KEY ----
A private key that I just generated looks like so:
-----BEGIN DSA PRIVATE KEY-----
MIIBuwIBAAKBgQDy+gSoQAAZwdmF2lHe+0SnO3vMOOd4/z9JYmgUTkxmscYUc5+W
EwNaqAPcSG3LPsrH5pos3o1gz4z79gIaCAcvCAu6f59VccApmW1MqvjC4ep6iUOm
DpAwzxKbIzlnKMGMUrzQjXhh1PNQj/w2agdfrFmkzjTel4dWLrpXu2DqmwIVAJib
LMqYh/KwGjeRk/+cp6udSBzFAoGBAI878RMCbZvPUgIDRJMwEs5TY2m4QPwZe+Un
82ATUJI7sZXO2wVJTuvctB5eyhxReeMPeMl5FK76RdRRVQcq7sgUx47O5SpAfsad
5LNJL2filVO7jO1eNMrGH2SlYPu1fZUKVI6rEXrcibu2Yc9eGHqKT4gMYrFot0S9
akN2Mof1AoGAEWAF+qb3q03XhYGrkZ7ApAhPHMTOErMqxgofPCuNdtUE8bfVItcW
hyPFKyumWHY+6sy8S9Oey+Kier1enUiXoRXK1TjH1I70lgKwMfPEBIdkkmSkEp0U
185KxHYFKmZcHR0hH5zjCY23t0dCpKuhQ/oz1rxlrOeijqOLWmoZHzcCFD57Ul/Q
adjC7YHy+WzxZPM9XBmp
-----END DSA PRIVATE KEY-----
So maybe there was confusion.
> So that is what the ssh-conv script expects.
>
> > I have also tried:
> >
> > jbailey@subversions:~/.lsh> lsh-decode-key -b <id_dsa.pub
> > lsh-decode-key: Invalid base64 data.
>
> You could try awk '{print $2;}' < id_dsa.pub | lsh-decode-key -b
>
> Or use the updated ssh-conv script, included below. At least for me,
> it decodes your key as
>
> (public-key (dsa (p
>|i3q7cjcSCKzGOGcrTdoOKVoiZPEOviVh312JMpfjf4DmxXuCn2Rb+t751GfzLJHXro5g97jIRfar0kUUZMsaF8mmk3rMORYphpRhpTi3iL3WI17mbZYllElSC70zrvwZBqM3/YR2I1TQa9LVzWvW4ERZracg3Dw4wUvM4L92UnU=|)
> (q |0WFzQCNM9HMMZzqtHpBimwjUjDE=|) (g |eoT0DT84Tx9x2LBsxb
4F3n4C5vuOxIypffL2UJEWCowoHKYVHmPiuO4JZ+eMQT/kp/98yBCLPW5ven7lcTRUTThJGzRKCUFi+IaGo9I4rBiQCkwIkvAZUdX26zi9ZhETy5X+9lgkOJYFPspM6lXi550PXpxSQnPzn6snnbjiiH4=|)
(y
|eylf1qF6PZWHRDhMdqC+FstiITEfwR9oELQFyqK93B29NiahISGmJPJUPFOttk/ZfHM+lC7Lc1L3WycUKqH9XCRwUpzB0X
SAMXYfERfJmbGKXPPHEhjJO2uX9nBtwOsi6RLDhJDOPlatsx+kogtFuRxlea/DOK2LrNHhRyoeRMQ=|)))
>
> (Pipe the key through sexp_conf -f advanced, to get this representation)
I get the same thing and I have installed the key as ~/.lsh/identity.pub
Where .lsh is chmod 700, and identity.pub is chmod 600 (both owned by my uid)
When I connect from OpenSSH, however, it doesn't seem to like my password
(I have tested the key with `ssh localhost')
In debug mode, I do notice something weird, though:
(When I type the password correctly)
Enter passphrase for DSA key '/home/jbailey/.ssh/id_dsa':
debug: read DSA private key done
debug: sig size 20 20
debug: authentications that can continue: password,publickey
[EMAIL PROTECTED]'s password:
(When I type the password incorrectly)
Enter passphrase for DSA key '/home/jbailey/.ssh/id_dsa':
debug: PEM_read_bio_DSAPrivateKey failed
debug: read DSA private key done
[EMAIL PROTECTED]'s password:
This implies to me that the decoding of the password worked locally on
the first one, but failed remotely.
Next step?
--
"It is easy to be blinded to the essential uselessness of computers by
the sense of accomplishment you get from getting them to work at all."
- Douglas Adams
