Recipe 6.5 Authenticating by Public Key (OpenSSH Client, SSH2 Server, OpenSSH Key)

6.5.1 Problem

You want to authenticate between an OpenSSH client and an SSH2 server (i.e., SSH Secure Shell from SSH Communication Security) using an existing OpenSSH-format key.

6.5.2 Solution

  1. Export your OpenSSH key to create an SSH2-format public key. If your OpenSSH private key is ~/.ssh/id_dsa:

    $ cd ~/.ssh 
    $ ssh-keygen -e -f id_dsa >
  2. Copy the public key to the SSH2 server:

    $ scp remoteuser@remotehost:
  3. Log into the SSH2 server and install the public key, then log out:

    $ ssh -l remoteuser remotehost
    Password: ******** 
    remotehost$ mkdir -p ~/.ssh2                                      If it doesn't already exist
    remotehost$ chmod 700 ~/.ssh2
    remotehost$ mv ~/.ssh2/
    remotehost$ cd ~/.ssh2
    remotehost$ echo "Key" >> authorization      (Appending)
    remotehost$ chmod 600 authorization
    remotehost$ logout
  4. Now log in via public-key authentication:

    $ ssh -l remoteuser remotehost
    Enter passphrase for key '/home/smith/.ssh/id_dsa': *******

6.5.3 Discussion

OpenSSH's ssh-keygen converts OpenSSH-style keys into SSH2-style using the -e (export) option. Recall that SSH2 uses the authorization file, as explained in the sidebar, SSH-2 Key File Formats.

6.5.4 See Also


    Chapter 9. Testing and Monitoring