SSH Woes

ajt on 2002-11-22T12:52:45

Confession: I've never used CVS, and my SSH understanding is not as good as it should be. I know the benefits of CVS, and I know not to use Telnet/ftp when I should be using SSH, but I'm still clearly a novice.

For the Perl RSS project I offered to do some XHTML, see here for work in progress. brian said it was okay, and I should check it into the project CVS repository and load it to the site.

I've known that SSH clients support PKI technology, but never bothered with it, as I can remember my password for each machine I use, and anyway I tend to login all day, so I don't pop in and out. So for WinCVS I diligently generated my SSH2 keys and installed the public key on some servers at work, and found that it was actually quite useful, and makes PuTTY even more useful. I then tried the same at home, while I waited for SourceForge to take and process my public keys.

For some reason my home system refuses to use the keys. Running sshd in uber debug mode I can see that it didn't like the ownership of the .ssh folder (even though on the working machines they were also owned by me, i.e. not root). So I changed the ownership of the folder to root and tried again. This time it went through the motions but failed to find a key in the file, and again defaulted to a manual login. When I copied the .ssh/authorized_keys file to root, and tried to login as root, it worked okay!

I've done some Googling, but so far no luck, I suppose I'll just have to actually read SSH: The Definitive Guide and figure it out on my own. I know my home system is running the latest SSH server, as I compiled it myself, and I know that PKI is enabled in the config file, and I even know it works if you logon as root, I just want to get it working for me....

While this may sound like doom and gloom, I must say on the whole when I read the instructions carefully, I tend to find Linux/Unix easier to use than Windows, I suppose I've just got to engage brain before I point and click.....


Beware File Formats

Dom2 on 2002-11-22T13:08:35

If you generated your private key using puttygen, you can't use it for unix ssh clients. And you can only use the public key by cutting and pasting from puttygen to ~/.ssh/authorized_keys2.

SSH File Formats are a nightmare. Everybody does them differently.

-Dom

Re:Beware File Formats

ajt on 2002-11-22T13:53:23

The Keys were generated by puttygen. I'm only using the PuTTY Private keys with PuTTY clients. The latest version can apparently export the keys in other formats, but I've not tried using them with OpenSSH on either Linux or Cygwin yet.

What freaks me out is that the OpenSSH server on my Linux box at home (RH6), allows root to login with the keys but not me, from the same authorized_keys2 file! I can only assume it's something weird in the ownership of the files/folders, and my work systems (running an older OpenSSH version but on RH7.3) are just less picky.

The only Google thing I could find was a SuSE user who discovered that SSH wouldn't read an authorized_keys2 file if it was shared over NFS (I'm not doing that) or if the permissions were wrong.

I'll try again tonight, by which time SourceForge should have done its stuff with its keys and I can try WinCVS - which is what I was supposed to be doing in the first place...

Re:Beware File Formats

bbcrack on 2002-11-22T16:21:10

and permissions. Use ssh -v -v -v to get full debug info

Re:Beware File Formats - RESOLVED!

ajt on 2002-11-22T19:03:08

Thanks everyone for the input, I'm even investigating Tortoise CVS.

My problem has now been solved. I logged in via a console and manually started SSH in -d -d -d mode, switched to the Win box with the KVM switch, started PuTTY and switched back. The problem was that my home directory was writable by "group", (there is only me and me as root on the box). I had incorrectly assumed that this was a problem with the ~/.ssh folder, but I misread, and it was my home directory. One little chmod and it's all fixed!

Now I'm back at home I can carry on and see if SourceForge is going to let me in so that I can start work on brian's Perl-RSS web site for him!
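The permission problem resolved above, as an added example (not part of any post in this thread, and not OpenSSH's own code): a shell function that approximates the check sshd applies when its StrictModes option is on, flagging a home directory, ~/.ssh or authorized_keys file that is group- or world-writable or owned by someone other than the user or root. The function name check_ssh_perms and the list of paths are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: approximate sshd's StrictModes-style check on the paths
# that lead to a user's authorized keys. Hypothetical helper, not OpenSSH code.
# Usage: check_ssh_perms HOME_DIR [UID]
# Prints one line per offending path; returns 0 if clean, 1 otherwise.
check_ssh_perms() {
    home=$1
    uid=${2:-$(id -u)}
    bad=0
    for p in "$home" "$home/.ssh" \
             "$home/.ssh/authorized_keys" "$home/.ssh/authorized_keys2"; do
        [ -e "$p" ] || continue
        # ls -ldn prints the mode string in field 1 and the numeric owner in field 3
        info=$(ls -ldn "$p" | awk '{print $1, $3}')
        mode=${info%% *}
        owner=${info##* }
        gw=$(printf '%s' "$mode" | cut -c6)   # group write bit
        ow=$(printf '%s' "$mode" | cut -c9)   # other write bit
        # The path must belong to the account itself or to root
        if [ "$owner" != "$uid" ] && [ "$owner" != 0 ]; then
            echo "BAD OWNER (uid $owner): $p"
            bad=1
        fi
        # Anyone who can write here could swap in their own key file
        if [ "$gw" = w ] || [ "$ow" = w ]; then
            echo "GROUP/WORLD WRITABLE ($mode): $p"
            bad=1
        fi
    done
    return $bad
}

# Constructed demo: a throwaway "home" that is group-writable, as in the thread.
demo=$(mktemp -d)
mkdir "$demo/.ssh" && chmod 700 "$demo/.ssh"
: > "$demo/.ssh/authorized_keys" && chmod 600 "$demo/.ssh/authorized_keys"
chmod 775 "$demo"
check_ssh_perms "$demo" || true                 # reports the home directory itself
chmod go-w "$demo"                              # the "one little chmod"
check_ssh_perms "$demo" && echo "clean: $demo"
rm -rf "$demo"
```

A clean ~/.ssh is not enough on its own: the home directory above it has to pass the same test, which is why the key was accepted for root but not for the ordinary account.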

Check out Tortoise CVS

lachoy on 2002-11-22T18:09:53

at http://www.tortoisecvs.org/ -- it's got a simple SSH client builtin and IIRC instructions for Win32 SF users.