[plug] OpenSSH and keys

[Christian]

On Fri, Jul 07, 2000 at 09:13:55PM -0400, Subba Rao wrote:
> I was using openssh-1.2.1 for a while and recently switched to
> openssh-2.1.1
> With the older version of openssh, I could establish connection to my
> server over the Internet. With the newer version, the keys that are
> generated by ssh-keygen do not allow me to connect to my server. The server
> accepts the keys generated by the older version of ssh.
> My ssh client is TeraTerm Pro for windows. I do not think that should make
> any difference. This client works fine with the old keys and the new server.
> I do not why the new keys are not working with the new server.
> Is anyone else experiencing this problem?
> Any ideas appreciated.

I'm no expert in the SSH protocol, particularly the proprietary version
2, but there could be a number of things going on here.  For memory SSH
v1.x required use of RSA whereas v2.x finally supported DH, DSA and
possibly ElGamal so it's possible that the version 2 of the sshd server
doesn't have RSA support and therefore won't handle your RSA keys (this
seems odd and unlikely but it's possible since OpenSSH has attempted to
limit use of restricted algorithms).  Perhaps it defaults to DH instead
of RSA and isn't smart enough to detect you're trying to use RSA? (This
also sounds weird but, like I said, I don't know that much about SSH
v2.x.)  As I said, this all sounds unusual because I checked the FAQ and
couldn't see anything, perhaps it is something peculiar to TeraTerm
after all...  Either way, the obvious solution would be to use normal
password authentication instead of RSA.  Otherwise maybe there's an
updated version of TeraTerm which supports protocol v2 better?  Sorry I
can't help you anymore... :(

Regards,

Christian.