| Using RSE with a public key [message #583585] |
Mon, 19 July 2010 17:20  |
Eclipse User |
|
|
|
|
I'm attempting to connect to a remote server but our setup uses public keys in stead of passwords. Any time I try to set up an SSH only connection it asks me for a password. I can connect to servers using password SSH, but on our servers using keys it won't work. Am I missing something in the setup?
|
|
|
|
| Re: Using RSE with a public key [message #643654 is a reply to message #639507] |
Tue, 07 December 2010 13:38  |
| Eclipse User |
|
|
|
While it seems this is the only thread I could find related to SSH private/public key authentication in TM/RSE, I wonder if anyone successfully managed to setup this through Preferences : General : Network : SSH2, as Martin described.
I tried using Galileo and the latest available (through site updates) RSE End-User Runtime 3.1.2.R31 and Target Management Terminal 3.0.2.R31 on a Linux client that works already quite well through OpenSSH client configured for SSH private/public keys against OpenSSH servers on various platforms.
The results were consistently showing the same behavior while using either existing functional OpenSSH keys (tested successfully through OpenSSH), or newly generated and SFTP transfered into remote .ssh/authorized_keys (besides existing working keys):
"The authenticity of host 'TSTSRV' can't be established. RSA key fingerprint is... " I have also attempted to save the private key without encryption, but the connect attempt ended with the same error message, and subsequent offer to authenticate using password rather then existing key.
The are at least 2 inconsistencies I detected during testing with respect to existing working OpenSSH authentication:
1. I have specifically used only DSA encryption, although TM/RSE attempted and failed using RSA (see error message)
2. While the public key prefix is ssh-dss for both existing OpenSSH keys and newly generated TM-RSE DSA keys, the suffix is different: "user@client-host" for existing OpenSSH working keys versus "DSA-1024" generated by RSE Key Management
Not really clear if I am missing something or these are signs of a defect, but I would very much appreciate a simple set of steps that worked successfully for someone in setting SSH private/public keys through Key Management preferences.
Any hint and recommendation is very much appreciated.
Thanks,
Alex
|
|
|
|
|
| Re: Using RSE with a public key [message #645326 is a reply to message #644707] |
Thu, 16 December 2010 11:05 |
| Eclipse User |
|
|
|
Hi Alex,
I can answer the agent question - Eclipse / TM cannot use ssh-agent.
I have no clue regarding the other issue, can you debug it?
I remember using passphrases in the past, there's 2 known issues but
these don't seem related to your case:
https://bugs.eclipse.org/bugs/show_bug.cgi?id=154415
https://bugs.eclipse.org/bugs/show_bug.cgi?id=261740
HTH,
Martin
On 13.12.2010 21:49, Alex Pitigoi wrote:
> Following a few renewed attempts I noticed the following behavior, which
> seems somehow unexpected.
>
> This time I have allowed for the regular userID/password authentication
> and... surprisingly I got the challenge for the right private key
> encryption (.ssh/id_dsa) pass-phrase. It is surprising, as I was not
> expecting for the key authentication to be involved anymore, given I
> have already authenticated to the remote server through regular
> userID/password. I would be interested to know: why this behavior?
>
> Once private key decrypted, the SSH connection got opened to any
> subsequent servers on which the associated public key was uploaded,
> although I wish the existing ssh-agent and keychain in memory
> pass-phrase would have been reused (I was already signed into several
> remote servers through the shell using the same private/public pair).
>
> Can you please help me understand the initial connection flow that
> involved that unexpected need to first provide the regular
> user/password, before the key authentication was considered (while I was
> never required that when using key authentication first time outside
> Eclipse) ? Is there also a separate set of files in Eclipse that store
> know_hosts and anything else related to this flow ?
>
> Thanks,
> Alex
|
|
|
|
Powered by
FUDForum. Page generated in 0.06003 seconds
Home