Walker News

How To Fix “Server Refused Our Key” Error That Caused By Putty Generated RSA Public Key?

Copyright © Walker 22 Mar 2009 16:16
The SSH-2 protocol supports few user authentication types, one of which is public-key cryptography.
Other than security benefit, using public-key cryptography in SSH protocol is relatively easier to implement password-less or non-interactive authentication.

For example, a scheduled shell script can use scp (secure copy) to automate file-transfer between hosts seamlessly in background, without user interaction during authentication stage.

With OpenSSH, default SSH client/server software bundled with most Linux distributions, the ssh-keygen program is used to generate a pair of such cryptographic keys.

As for Putty, popular SSH client suite for Windows, there is this Puttygen program to provide similar functions of ssh-keygen.

However, there is incompatibility issue between RSA type of public key generated by ssh-keygen and Puttygen.

Having said that, you can’t install OpenSSH-generated private key in Putty program. Otherwise, the public-key authentication failed with message that says “Unable to use key file “E:\id_rsa” (OpenSSH SSH-2 private key)”.

Similarly, it’s not possible to install a Puttygen-generated public-key directly into OpenSSH authorized_keys file. If you do so, Putty fails with “Server refused our key” error message during authentication.

So, how to install a Putty-generated RSA type of Public-key in OpenSSH authorized_keys file?

This is the latest “silent” screencast in WalkerNews Channel @ YouTube (alive with background music from AudioSwap):

If you’re on fast and stable connection, please click the HQ button on for watching this screencast in high quality video mode.



As you’ve seen, the trick is to modified a Puttygen-generated public-key to the format of OpenSSH-generated public-key:

1) Edit Putty-generated public-key file with Vi editor,

Original RSA type of public-key generated by Puttygen program.
Original RSA type of public-key generated by Puttygen program.

2) Delete the first two and the last line,

3) Join the remaining lines into one single line, by using the Shift+J command shortcut. Remember to trim space between two line joined by CTRL+J command.

4) Insert ssh-rsa keyword (with one trailing space) in front of the single line.

5) [ OPTIONAL ] Append Login_ID@Host_name keyword (with a initial space) at the end of the single line (replace Login_ID and Host_name with your SSH login ID and host name accordingly).

Modified, tweak RSA type of public-key generated by Putty client program, to be installed into OpenSSH authorized_keys file.
Modified, tweak RSA type of public-key generated by Putty client program, to be installed into OpenSSH authorized_keys file.

6) Append the modified, tweaked Putty-generated public-key (RSA type) to OpenSSH authorized_keys file.

Now, Putty is able to login OpenSSH server with its own set of public-key and private-key pair:

Trick to fix Server Refused Our Key in Putty.


Custom Search

  1. anonymous May 8th, 2009 9:52 PM

    thanks a lot, this not working annoyed the hell out of me, know everything works fine, ta

  2. matt_b July 7th, 2009 4:15 PM

    Thanks for this tip – I was banging my head off the desk trying to get my Windows box to SSH into my ESXi box without a password, and this solved the problem :)

  3. XPaY August 27th, 2009 7:16 PM

    Hi,

    Thanks I was tring to fix this problem since 2 hours!

  4. Montall October 11th, 2009 6:32 AM

    Message “Server refused our key” can be generated even if you will follow these instructions – remember that permissions for .ssh or authorized_keys should exactly follow grants issued with “chmod 700″ for .ssh and “chmod 600″ for authorized_keys.

  5. nay October 21st, 2009 9:24 PM

    Thanks very much, very didactic and helpfull

  6. Shri October 27th, 2009 5:32 PM

    After following your steps, I am getting the prompt for the pass phrtase, but after I enter that, it says “Server unexpectedly closed network connection”.
    Please help.

  7. Walker October 29th, 2009 10:21 PM

    Mostly likely that is caused by too many packet loss, i.e. run a continuous ping to the server, from where you run SSH.

  8. zoehighland December 14th, 2009 1:32 PM

    If I followed the steps,including generating and editing the key, as well as chmod command, is there any other reasons which may cause the “server refused our key”.

    Another Hint: there is another key in a file named know_hosts, and I even tried to edit the key according to this file’s format. I failed again.

  9. Jay December 24th, 2009 7:21 AM

    Thanks for the tip, it helped out greatly. I was able to get it to work and still leave the first line and last two lines in the public key. All I did was concatenate the hash lines into one line and add the ssh-rsa + space part at the beginning. This was important to me because I am trying to automate creating connections between putty and a server so the less I have to edit the file, the less programming I have to do to auto-fix the file

  10. Nick January 14th, 2010 4:49 PM

    Thanks man !!

  11. LeSon January 25th, 2010 10:52 PM

    Thank you!
    Very greate!

  12. franc February 9th, 2010 6:51 AM

    I like the music in the video!

  13. leonard February 18th, 2010 1:57 AM

    You can also get the “server refused our key” error if you have the permission 777 on your $HOME directory.

  14. A.Friend April 3rd, 2010 11:38 AM

    Thanks for the tip. If you want putty to automatically login for you then you need pageant running.

    1. Start pageant.exe
    2. “Add Key” -> your private key file
    3. enter your passphrase. You will see an entry show up. click close. Pageant should still be running in your system tray.
    4. Open putty.exe
    5. load you session as above. (e.g., “ZZZZ”)
    6. goto Connection -> Data
    7. Set “Auto-login username” to your username (e.g., “root”)
    8. Goto Connection -> SSH -> auth
    9. Check “Attempt authentication using Pageant”
    10. save changes to your connection. (e.g., “ZZZZ”)
    11. connect/open and voila! you should be automatically authenticated in to your box.

  15. Sectoid_Dev April 8th, 2010 11:35 PM

    Thanks leonard,

    I’ve been fighting with this a for awhile. The same procedure worked on one machine, but not the other.
    I had 775 on my $HOME, changed it to 755 and now works.

  16. icch8 June 10th, 2010 9:36 PM

    Hello

    After searching for a while I found the reason on one of the last posts of this section. Many thanks ;-)

    regard

  17. avi June 23rd, 2010 7:44 PM

    Thanks for the info! helped me a lot.

  18. very frustrated July 20th, 2010 2:07 AM

    Hello,
    Thank you for the detailed instructions, however I am still getting the same message ” server refused our key” I am not sure why, by the way what is the chmod commands? and what is 600, 777 … etc, I am new in the Linux world, sorry for the DUM question.
    regards.

  19. very frustrated July 20th, 2010 2:09 AM

    follow up, do I have to save the generated public key in a special place in my linux machine? I saved in /root/.ssh/ directory is that correct?

  20. Walker July 20th, 2010 11:31 PM

    The public key file must be appended to $HOME/.ssh/authorized_keys file.

    If you want to ssh using root user ID, then this will be /root/.ssh/authorized_keys.

    The chmod command is used to change a file access permission in UNIX/Linux.

  21. Leon July 29th, 2010 7:30 PM

    Thanks for the ownership connection on /home/user 755

  22. Raja Deshpande August 21st, 2010 12:13 AM

    dear friend,

    This information, you have written, was very very helpful. I was struggling with this problem for 2 days. regards from Stuttgart, Germany.
    Raja

  23. Karthikeyan August 31st, 2010 1:19 PM

    Good Work !!!

    Cheers :-)
    karthik