putty and ssh public key authentication

hardly ever did i bother to use putty as a normal terminal usually does what i want. unfortunately, there is an "operating system" whose name i will not mention that considers itself so different that the variety of available terminals for it is pretty low.

needing to tunnel an audio stream, i finally engaged in the quest for working ssh public key authentication using putty on such a system. needless to say, i read Chapter 8: Using public keys for SSH authentication and Chapter 9: Using Pageant for authentication of its documentation.

also needless to say, i couldn't have imagined how many pitfalls it contains. on unix, generating a key pair and sending the public key over is something that does not take more than a minute.

putty saved the generated keys somewhere, with the private key named .ppk and the public named whatever. it also offers to export something into openssh format which was what i wanted. i was nevertheless amazed that this file only contains the private key.

the public key that is needed to be put into server:.ssh/authorized_keys looked like some other rsa key that are used for ssl certificates but not very much like the keys that are normally stored in .ssh/authorized_keys. there is something that will output this format that i found on unix but not yet on other platforms, -O public-openssh.

remedy:

edit a copy of this public key file with a text editor, delete all the boilerplate stuff, write ssh-rsa / ssh-dsa on the beginning of the line with the actual key, join all further lines of it to just one, append something like user@host at the end and delete all the rest. the file is now ready to be appended to the other keys in authorized_keys.

the documentation on puttygen on unix has options to directly output this format using -O public-openssh . in this case i did it manually, from this:

---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-20110410"
AAAAB3NzaC1yc2EAAAABJQAAAIEAqW/3hc9LgrNfYHFdBU37AM45s0OLfDJ1isvh
V5Ug4h0d/YzY8uzjRcZU5FrUz3NAsLlkgZck7M3Dg61/6oSZRDYAOZwsWJWhv+bx
uBY6Y2JEiFTZP1vIJoaj2v3nJz07w5n6ZtueCtodUWLi8MHotC6+zsXEmCbhI1RR
7u/8ork=
---- END SSH2 PUBLIC KEY ----

into this:

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAqW/3hc9LgrNfYHFdBU37AM45s0OLfDJ1isvhV5Ug4h0d/YzY8uzjRcZU5FrUz3NAsLlkgZck7M3Dg61/6oSZRDYAOZwsWJWhv+bxuBY6Y2JEiFTZP1vIJoaj2v3nJz07w5n6ZtueCtodUWLi8MHotC6+zsXEmCbhI1RR7u/8ork= user@host

run:

start pageant. it will hang out in the system tray and private keys can be read into it and being decrypted at which point it workedforme(tm).

update:

newer versions of puttygen show the public key ready to copy/paste in openssh format