Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » DSDP - Target Management » Using RSE with a public key
Using RSE with a public key [message #583585] Mon, 19 July 2010 21:20 Go to next message
Kier Heyl is currently offline Kier Heyl
Messages: 2
Registered: July 2010
Junior Member
I'm attempting to connect to a remote server but our setup uses public keys in stead of passwords. Any time I try to set up an SSH only connection it asks me for a password. I can connect to servers using password SSH, but on our servers using keys it won't work. Am I missing something in the setup?
Re: Using RSE with a public key [message #639507 is a reply to message #583585] Tue, 16 November 2010 18:43 Go to previous messageGo to next message
Martin Oberhuber is currently offline Martin Oberhuber
Messages: 983
Registered: July 2009
Senior Member
Hi,

please use Preferences : General : Network : SSH2 to set up your SSH
home where the private key can be found. The key must be in OpenSSH format.

HTH,
Martin
Re: Using RSE with a public key [message #643654 is a reply to message #639507] Tue, 07 December 2010 18:38 Go to previous messageGo to next message
Alex Pitigoi is currently offline Alex Pitigoi
Messages: 17
Registered: July 2009
Junior Member
While it seems this is the only thread I could find related to SSH private/public key authentication in TM/RSE, I wonder if anyone successfully managed to setup this through Preferences : General : Network : SSH2, as Martin described.

I tried using Galileo and the latest available (through site updates) RSE End-User Runtime 3.1.2.R31 and Target Management Terminal 3.0.2.R31 on a Linux client that works already quite well through OpenSSH client configured for SSH private/public keys against OpenSSH servers on various platforms.

The results were consistently showing the same behavior while using either existing functional OpenSSH keys (tested successfully through OpenSSH), or newly generated and SFTP transfered into remote .ssh/authorized_keys (besides existing working keys):
"The authenticity of host 'TSTSRV' can't be established. RSA key fingerprint is... " I have also attempted to save the private key without encryption, but the connect attempt ended with the same error message, and subsequent offer to authenticate using password rather then existing key.

The are at least 2 inconsistencies I detected during testing with respect to existing working OpenSSH authentication:
1. I have specifically used only DSA encryption, although TM/RSE attempted and failed using RSA (see error message)
2. While the public key prefix is ssh-dss for both existing OpenSSH keys and newly generated TM-RSE DSA keys, the suffix is different: "user@client-host" for existing OpenSSH working keys versus "DSA-1024" generated by RSE Key Management

Not really clear if I am missing something or these are signs of a defect, but I would very much appreciate a simple set of steps that worked successfully for someone in setting SSH private/public keys through Key Management preferences.

Any hint and recommendation is very much appreciated.
Thanks,
Alex
Re: Using RSE with a public key [message #644676 is a reply to message #643654] Mon, 13 December 2010 17:56 Go to previous messageGo to next message
Martin Oberhuber is currently offline Martin Oberhuber
Messages: 983
Registered: July 2009
Senior Member
Hi Alex,

the error ("authenticity...") sounds like your known_hosts file isn't
found or the respective entry in it isn't found.

I've been using TM/RSE myself with public keys since at least 3 years on
many different machines and it's been just working for me.

When public key authentication works for you on commandline, I'd try
using the TM Terminal next. Check your Preferences. You could probably
also try asking on the jsch-users mailing list, they've got more
experience there with special encryption algorithms etc:
https://lists.sourceforge.net/lists/listinfo/jsch-users
Eclipse uses JSch-0.1.41.

HTH
Martin
Re: Using RSE with a public key [message #644707 is a reply to message #644676] Mon, 13 December 2010 20:49 Go to previous messageGo to next message
Alex Pitigoi is currently offline Alex Pitigoi
Messages: 17
Registered: July 2009
Junior Member
Following a few renewed attempts I noticed the following behavior, which seems somehow unexpected.

This time I have allowed for the regular userID/password authentication and... surprisingly I got the challenge for the right private key encryption (.ssh/id_dsa) pass-phrase. It is surprising, as I was not expecting for the key authentication to be involved anymore, given I have already authenticated to the remote server through regular userID/password. I would be interested to know: why this behavior?

Once private key decrypted, the SSH connection got opened to any subsequent servers on which the associated public key was uploaded, although I wish the existing ssh-agent and keychain in memory pass-phrase would have been reused (I was already signed into several remote servers through the shell using the same private/public pair).

Can you please help me understand the initial connection flow that involved that unexpected need to first provide the regular user/password, before the key authentication was considered (while I was never required that when using key authentication first time outside Eclipse) ? Is there also a separate set of files in Eclipse that store know_hosts and anything else related to this flow ?

Thanks,
Alex
Re: Using RSE with a public key [message #645326 is a reply to message #644707] Thu, 16 December 2010 16:05 Go to previous messageGo to next message
Martin Oberhuber is currently offline Martin Oberhuber
Messages: 983
Registered: July 2009
Senior Member
Hi Alex,

I can answer the agent question - Eclipse / TM cannot use ssh-agent.
I have no clue regarding the other issue, can you debug it?

I remember using passphrases in the past, there's 2 known issues but
these don't seem related to your case:

https://bugs.eclipse.org/bugs/show_bug.cgi?id=154415
https://bugs.eclipse.org/bugs/show_bug.cgi?id=261740

HTH,
Martin

On 13.12.2010 21:49, Alex Pitigoi wrote:
> Following a few renewed attempts I noticed the following behavior, which
> seems somehow unexpected.
>
> This time I have allowed for the regular userID/password authentication
> and... surprisingly I got the challenge for the right private key
> encryption (.ssh/id_dsa) pass-phrase. It is surprising, as I was not
> expecting for the key authentication to be involved anymore, given I
> have already authenticated to the remote server through regular
> userID/password. I would be interested to know: why this behavior?
>
> Once private key decrypted, the SSH connection got opened to any
> subsequent servers on which the associated public key was uploaded,
> although I wish the existing ssh-agent and keychain in memory
> pass-phrase would have been reused (I was already signed into several
> remote servers through the shell using the same private/public pair).
>
> Can you please help me understand the initial connection flow that
> involved that unexpected need to first provide the regular
> user/password, before the key authentication was considered (while I was
> never required that when using key authentication first time outside
> Eclipse) ? Is there also a separate set of files in Eclipse that store
> know_hosts and anything else related to this flow ?
>
> Thanks,
> Alex
Re: Using RSE with a public key [message #648564 is a reply to message #639507] Thu, 13 January 2011 14:28 Go to previous message
No real name is currently offline No real name
Messages: 1
Registered: January 2011
Junior Member


[Updated on: Thu, 13 January 2011 14:31]

Report message to a moderator

Previous Topic:TM has moved to Tools, this Forum is closed!
Next Topic:RSE server packaging
Goto Forum:
  


Current Time: Fri Sep 19 00:00:26 GMT 2014

Powered by FUDForum. Page generated in 0.04820 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software