When using ssh keys generated by puttygen.exe, I receive a “Server refused our key” error. Then I found out that the error-proof way is this: generate ssh key pairs under Linux, and then convert the private key into putty format using puttygen.exe.
Procedures
- change ~/.ssh directory and authorized_keys permissions
chmod 700 .ssh chmod 600 authorized_keys
- generate the key pair. Most tutorials seems to prefer to use dsa format
ssh-keygen -t dsa
- use the default file name and enter the passphrase
- add the public key to authorized_keys
cat id_dsa.pub >> .ssh/authorized_keys
- copy the private key (id_dsa) to the local windows machine. Then use puttygen.exe to convert the key and save it to a separate private key
Then configure the putty to use the new private key.
Additional notes
Under Debian Lenny, I don’t need to make any changes to /etc/ssh/ssh_config
to make putty auto authentication work.
The putty does not authenticate with the public key, but with .ssh/authorized_keys
instead, that’s why the public key should be copied to authorized_keys file.
References
ssh – authorized_keys HOWTO for some fundamentals