求助,XP下如何用SECURECRT 公钥登陆DEBIAN

debian99

在XP下安装了SECURECRT,用普通用户名aa生成RSA共钥a.pub,然后传到DEBIAN的  /home/aa/.ssh/下并命名为authorized_keys, chmod 700 authorized_keys,然后在SECURECRT上用aa连接DEBIAN,可系统总是提示钥匙不对,把/etc/ssh/sshd_config中的 钥匙路径改为 $h /.ssh/authorized_keys 也没有用,急死了,请高手指教,谢谢!

debian99

有人懂吗？？？

包子

securecrt很恼火的，我看了看他的key和putty生成的不一样，我想不影响我putty的使用而转到crt也不行。
不过SECURECRT 5。1。3支持tab，这个功能挺不错的

哪个老大有兴趣修改一下putty啊
1：增加tab功能
2：增加目录功能，要不机器多了找的很辛苦
3：增加快捷键功能，不怎么喜欢用鼠标操作，CRT的alt+c alt+p用的很爽。

你出错的原因在你没转换key的格式。多看程序自带的帮助其实可以学到很多东西的。

Configure OpenSSH to Recognize Your Public-Key File


--------------------------------------------------------------------------------

In order to use your public key you must transfer the public-key file  (typically Identity.pub) created by the Key Generation wizard to the ~/.ssh directory on the SSH2 The second version of the SSH protocol which provides a way to encrypt network traffic between a client and a server, with a slightly different set of security features than the SSH1 protocol provides. server A computer program that provides services to other computer programs (called clients). Often the computer on which a server program runs is also called a server. The term host is often used as a synonym for server.. It is recommended that you follow the procedure below for using copy and paste to create a copy of the Identity.pub file in the ~/.ssh directory on the remote machine. If you decide instead to transfer the Identity.pub file to the ~/.ssh directory using an FTP client A computer or application that uses services provided by a server., be sure to transfer the file in ASCII mode. Also be sure to complete step 4d below.

To use copy and paste to configure the SSH2 server to recognize your public-key file:

1.   Log on to the remote SSH2 server using SSH2 and password authentication The process of verifying that an individual truly is who he or she claims to be. Supplying a password is a very common method of authentication. The most secure method of authentication supported in SecureCRT is public-key authentication. See also: identity file, public-private key pair..

2.   On the local machine, use Notepad.exe to open the Identity.pub file that was created with the Key Generation wizard.

3.   With the Identity.pub file opened in the Notepad application, open the Edit menu and choose Select All. Once everything is selected, open the Edit menu again and select Copy.

4.   On the remote machine, complete the following steps:

a.    % cat > ~/.ssh/identity.pub

b.   Click on the SecureCRT paste button    to paste the contents of the Clipboard (which should now contain the contents of your Identity.pub file).

c.   Issue a CTRL+D to close the Identity.pub file.

d.   Convert the key to one that OpenSSH will recognize using the following command:

% [color="Red"]ssh-keygen -i -f ~/.ssh/identity.pub >> ~/.ssh/authorized_keys

If you are connecting to a version of OpenSSH that is older than 2.9, use the following command instead:

% ssh-keygen -X -f ~/.ssh/identity.pub >> ~/.ssh/authorized_keys2

e.   Ensure that you are the only user with permissions to write to your "authorized_keys" file.  This can be done using the following command:

% chmod 600 ~/.ssh/authorized_keys

The method described above uses only a single public key in the authorization file. It is possible to have more than one public key in the "authorized_keys" file. To add additional public keys, repeat steps 2 through 4.

debian99

还有这讲究?好好学习下,谢谢了

包子

是的，ssh1有统一的标准，ssh2没了
ssh,putty,securecrt，三个各不相同

debian99

用你的方法搞定了，谢谢

包子

客气 ：）
灌个水，呵呵

debian99

包子朋友，我想继续请教个问题，那就是如何让SERVER端只允许SSH以RSA认证方式登录呢？我看了一些资料说是vi /etc/ssh/sshd_config设置PasswordAuthentication no 就可以了。我试了下好像没有用，我又修改了ssh_config文件中的 PasswordAuthentication no 项，可还是没有用，当然修改万后我是重启了ssh服务 /etc/init.d/ssh restart，请问我改怎么做呢？现谢谢啦~~