server refused our key - putty

[rasczak]

So I set up an ssh server for a customer. the setup is as follows

remote client to office. the client will be using terminal services to access CRM software on the server located in the office. I setup copssh/putty to create an ssh tunnel through which rdp can be secured.

when i start the putty console and open the session, i get a message "server refused our key". I enter the password and then i get to a prompt.

Using username "caf".
Server refused our key
caf@192.168.5.52's password:
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Program Files\ICW\home\caf>

I used puttygen to create the key on the server then copied it over to the workstation.

the question is, is the tunnel secure? I can't tell if ssh is actually invoked here or not.

 

[Jamsan]

copssh is a port of the openSSH for windows. Putty / openSSH can't directly share keys generated with each other, without minor tweaks. The below article should show you what you need to do to modify the key generated to work in copssh.

http://www.walkernews.net/2009/03/2...hat-caused-by-putty-generated-rsa-public-key/

Anything that references openssh, just refer to copssh.

 

[Crusty]

Use puttygen on the workstation to create a public and private key file.

Append the public RSA key into the users .ssh/authorized_keys file on the server. Then startup pagent(comes with the putty installer) on the workstation, load the private key into pagent, and then just launch putty as normal.

The big point is you need to generate the key-pair on the workstation first, then copy the public the key to the server.

 

[rasczak]

Use puttygen on the workstation to create a public and private key file.

Append the public RSA key into the users .ssh/authorized_keys file on the server. Then startup pagent(comes with the putty installer) on the workstation, load the private key into pagent, and then just launch putty as normal.

The big point is you need to generate the key-pair on the workstation first, then copy the public the key to the server.

I was able to get it working. I missed the step about creating a public key and was using the private key on both the server and workstation. I followed the instructions verbatim and after loading the private key on the server and loading the public on the workstation, I was able to get a good tunnel going.

Thanks for pointing that part out.