Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

April 10 2011

putty and ssh public key authentication

putty and ssh public key authentication

hardly ever did i bother to use putty as a normal terminal usually does what i want. unfortunately, there is an "operating system" whose name i will not mention that considers itself so different that the variety of available terminals for it is pretty low.

needing to tunnel an audio stream, i finally engaged in the quest for working ssh public key authentication using putty on such a system. needless to say, i read Chapter 8: Using public keys for SSH authentication and Chapter 9: Using Pageant for authentication of its documentation.

also needless to say, i couldn't have imagined how many pitfalls it contains. on unix, generating a key pair and sending the public key over is something that does not take more than a minute.

putty saved the generated keys somewhere, with the private key named .ppk and the public named whatever. it also offers to export something into openssh format which was what i wanted. i was nevertheless amazed that this file only contains the private key.

the public key that is needed to be put into server:.ssh/authorized_keys looked like some other rsa key that are used for ssl certificates but not very much like the keys that are normally stored in .ssh/authorized_keys. there is something that will output this format that i found on unix but not yet on other platforms, -O public-openssh.

remedy:

edit a copy of this public key file with a text editor, delete all the boilerplate stuff, write ssh-rsa / ssh-dsa on the beginning of the line with the actual key, join all further lines of it to just one, append something like user@host at the end and delete all the rest. the file is now ready to be appended to the other keys in authorized_keys.

the documentation on puttygen on unix has options to directly output this format using -O public-openssh . in this case i did it manually, from this:

---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-20110410"
AAAAB3NzaC1yc2EAAAABJQAAAIEAqW/3hc9LgrNfYHFdBU37AM45s0OLfDJ1isvh
V5Ug4h0d/YzY8uzjRcZU5FrUz3NAsLlkgZck7M3Dg61/6oSZRDYAOZwsWJWhv+bx
uBY6Y2JEiFTZP1vIJoaj2v3nJz07w5n6ZtueCtodUWLi8MHotC6+zsXEmCbhI1RR
7u/8ork=
---- END SSH2 PUBLIC KEY ----

into this:


ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAqW/3hc9LgrNfYHFdBU37AM45s0OLfDJ1isvhV5Ug4h0d/YzY8uzjRcZU5FrUz3NAsLlkgZck7M3Dg61/6oSZRDYAOZwsWJWhv+bxuBY6Y2JEiFTZP1vIJoaj2v3nJz07w5n6ZtueCtodUWLi8MHotC6+zsXEmCbhI1RR7u/8ork= user@host

run:

start pageant. i will hang out in the system tray and yes, private keys can be read into it and decrypted at which point it workedforme(tm).

February 28 2011

stuffing a fucked bootloader

screwing over a fucked bootloader

problem:

 u got grub, lilo or something in your partitions but the shit doesnt boot

solution:

 fuck the harddisks MBR over to get a bootmenu that boots any fuckin partition, regardless of whats inside

how-to-repeat:


DISCLAIMER: if you wipe your harddisk(s) trying this its your dogdamn own fault.
also, dos partition labels only. no idea if this works on gpt.

NOTE: this snippet was almost finished but got fucked up on the way. it prolly sounded nicer before.

entering:

some FreeBSD bootmedium (ie. a freesbie image if that works for you or maybe something more recent: a CD, Stick etc)

boot the thing and get root.

make your mind up about which disk you want to replace the MBR of.
if there is just one disk in the box, and this is a PATA disk connected as master on the first bus, the bios will likely call it 0x80 (0x81 for the 2nd etc.).
also, in this case the os will likely call it ad0.

knowing the disks name in terms of bios and OS numbering will help in hitting the right disk.

making the mbr writable:

  sysctl kern.geom.debugflags=0x10

write a new mbr without affecting the partitions on it:

  boot0cfg -B -v -d 0x80 ad0

if everything went well, on next reboot you'll be greeted with a little chooser for booting.

Older posts are this way If this message doesn't go away, click anywhere on the page to continue loading posts.
Could not load more posts
Maybe Soup is currently being updated? I'll try again automatically in a few seconds...
Just a second, loading more posts...
You've reached the end.

Don't be the product, buy the product!

Schweinderl