2

I have set up sshd on a Linux server and managed to log in via keys generated using ssh-keygen. However, I have made the following observation: When I generate the key pair on the client and copy the public key to the server everything works fine. But when I generate the key pair on the server and copy the private key to the client I cannot log in. Can anybody explain to me if and why the keys have to be created on the client?

mupro
  • 23

2 Answers

2

The keys do not need to be created on the client. The keys don't even need to be created with the same OS. If you use the correct tools you can convert a key generated from the PuTTY key generator into an OpenSSH format key.

Your problem is most likely because OpenSSH and some other SSH clients are very picky about the permissions of the private keys.

Depending on how you transferred the private key to the client, the permissions of the key may be different from the server, and wrong. The private key should always be 0600 or -rw-------.

You will see a warning about this on the client if you pass the -v option to ssh when you connect. It will complain about the permissions on the private key, or possibly the directory holding the private key.

Zoredache
  • 20,438
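The permission check described in the answer above, as an added example that is not part of the original answer: a POSIX shell function that flags a private key readable by group or others. The names `key_mode_string` and `check_key_perms` are hypothetical, and the directory check is a conservative assumption of this example rather than a documented client rule.

```shell
#!/bin/sh
# Added example (not from the original answer): audit a private key's
# permissions after copying it to a client machine.

key_mode_string() {
    # First 10 characters of the `ls -ld` mode field, e.g. "-rw-------".
    # Cutting at 10 drops a trailing "." or "+" (SELinux / ACL markers).
    ls -ld -- "$1" | awk '{print substr($1, 1, 10)}'
}

# check_key_perms PATH
#   0 = only the owner can access the key
#   1 = key or its directory is too open
#   2 = key file not found
check_key_perms() {
    ckp_key=$1
    if [ ! -f "$ckp_key" ]; then
        echo "missing: $ckp_key" >&2
        return 2
    fi

    ckp_mode=$(key_mode_string "$ckp_key")
    case $ckp_mode in
        -???------) ;;   # no group/other bits at all (0600, 0400, ...)
        *)
            echo "too open: $ckp_key ($ckp_mode); fix: chmod 600 \"$ckp_key\"" >&2
            return 1 ;;
    esac

    # Assumption of this example: also reject a group- or world-writable
    # directory, since anyone who can write there can replace the key.
    ckp_dir=$(dirname -- "$ckp_key")
    ckp_dmode=$(key_mode_string "$ckp_dir")
    case $ckp_dmode in
        d????-??-?) ;;   # group-write and other-write bits are clear
        *)
            echo "directory writable by others: $ckp_dir ($ckp_dmode); fix: chmod 700 \"$ckp_dir\"" >&2
            return 1 ;;
    esac

    echo "ok: $ckp_key ($ckp_mode)"
}

# Check every path given on the command line, e.g. ~/.ssh/id_rsa
for ckp_arg in "$@"; do
    check_key_perms "$ckp_arg" || true
done
```

A key copied with a default umask of 022 typically lands as `-rw-r--r--`, which this check reports as too open.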
1

Each host - both the server and the client - has two keys: public and private. If you want mutual trust you need to generate keys on both and transfer one key from each pair to the other side (from both hosts).

Please read the following guide.

Also this might help. And most probably this one.

mnmnc
  • 4,257