https://quicktasks.ismael.casimpan.com/tags/keys/Recent content in keys on IT QuicktasksHugo -- gohugo.ioCopyright © 2018–2022, Ismael Casimpan Jr.; All Rights ReservedSun, 05 Apr 2020 18:36:44 +0800https://quicktasks.ismael.casimpan.com/post/converting-putty-public-key-to-openssh/Sun, 05 Apr 2020 18:36:44 +0800https://quicktasks.ismael.casimpan.com/post/converting-putty-public-key-to-openssh/ If you see a public key like below, chances are, it's generated using PuttyGen in Windows. 1---- BEGIN SSH2 PUBLIC KEY ---- 2Comment: "rsa-key-20200101" 3AAAAB3NzaC1yc2EAAAABJQAAAQEArPVm4pY6eNaXFay32YHRdu96PXcwmhzGEWhK 4jmNRt2qWs39vbM/ZCQ7I8aKcgZJ6r35wInWpaqOH2xE0Jzx1rbC0aY+66KnPSFXZ 5WUkUK6oNFt55KbjgpGildiD4hehGHnRbNjoKWtKiOZKFVZPYn4H+oJ1qIUjfRzYn 6a9ArXR0gZ9Ev1tENXdbura3fin5qx8Ng6/NkWHseSiCRRW1vgS4ErSnQhei+8pJI 7l+GZnGhGgd4qDzHdoIt63yTuyPzqutgWhd3HoBahxCrcM9P+Gbo2J1as+8yYP56m 8jI5Jnuq5eFRGu7FDaRbxdvj7ZOXlZleAkY4YstE0kewzfnTW+Q== 9---- END SSH2 PUBLIC KEY ---- PuttyGen has a way to convert to OpenSSH but you can also convert it as follows: 1ssh-keygen -i -f keyfile.pub > newkeyfile.pub More info in https://stackoverflow.com/questions/2224066/how-to-convert-ssh-keypairs-generated-using-puttygenwindows-into-key-pairs-usehttps://quicktasks.ismael.casimpan.com/post/forced-use-ssh-key-not-password/Sun, 05 Apr 2020 18:36:44 +0800https://quicktasks.ismael.casimpan.com/post/forced-use-ssh-key-not-password/ 1ssh -i ./server-keys.ppk -o PubkeyAuthentication=yes -o PasswordAuthentication=no deps@104.129.111.150 Some details in https://unix.stackexchange.com/questions/15138/how-to-force-ssh-client-to-use-only-password-auth Tested in: OpenSSH_7.4p1, OpenSSL 1.0.2k-fipshttps://quicktasks.ismael.casimpan.com/post/permission-denied/Thu, 02 Apr 2020 18:36:44 +0800https://quicktasks.ismael.casimpan.com/post/permission-denied/ 1[icasimpan@icasimpan ~]$ ssh icasimpan@204.48.29.45 2The authenticity of host '204.48.29.45 (204.48.29.45)' can't be established. 3ECDSA key fingerprint is SHA256:/g89dBppp6ir72D3dUvHFm4de2k3NPtYKOOfNkUkFQQ. 4ECDSA key fingerprint is MD5:58:41:92:ed:e1:55:52:3f:69:6a:e5:27:7a:dd:98:6a. 5Are you sure you want to continue connecting (yes/no)? yes 6Warning: Permanently added '204.48.29.45' (ECDSA) to the list of known hosts. 7Permission denied (publickey,gssapi-keyex,gssapi-with-mic). In both source and destination machine, make sure to edit /etc/ssh/ssh_config and add 1PasswordAuthentication yes Then restart sshdhttps://quicktasks.ismael.casimpan.com/post/remove-bad-keys-from-known_hosts/Thu, 02 Apr 2020 18:36:44 +0800https://quicktasks.ismael.casimpan.com/post/remove-bad-keys-from-known_hosts/ Sample 1icasimpan-local:~ icasimpan$ ssh root@99.206.157.36 2@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ 3@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ 4@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ 5IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! 6Someone could be eavesdropping on you right now (man-in-the-middle attack)! 7It is also possible that a host key has just been changed. 8The fingerprint for the ECDSA key sent by the remote host is 9SHA256:AbJnvQd/cMEDiN0ohMp6gdmBYRhRRp6h8iOBJf0m4Zs. 10Please contact your system administrator. 11Add correct host key in /Users/icasimpan/.ssh/known_hosts to get rid of this message.