Walker News

How To Fix “Server Refused Our Key” Error That Caused By Putty Generated RSA Public Key?

Copyright © Walker 22 Mar 2009 16:16
The SSH-2 protocol supports few user authentication types, one of which is public-key cryptography.
Other than security benefit, using public-key cryptography in SSH protocol is relatively easier to implement password-less or non-interactive authentication.

For example, a scheduled shell script can use scp (secure copy) to automate file-transfer between hosts seamlessly in background, without user interaction during authentication stage.

With OpenSSH, default SSH client/server software bundled with most Linux distributions, the ssh-keygen program is used to generate a pair of such cryptographic keys.

As for Putty, popular SSH client suite for Windows, there is this Puttygen program to provide similar functions of ssh-keygen.

However, there is incompatibility issue between RSA type of public key generated by ssh-keygen and Puttygen.

Having said that, you can’t install OpenSSH-generated private key in Putty program. Otherwise, the public-key authentication failed with message that says “Unable to use key file “E:\id_rsa” (OpenSSH SSH-2 private key)”.

Similarly, it’s not possible to install a Puttygen-generated public-key directly into OpenSSH authorized_keys file. If you do so, Putty fails with “Server refused our key” error message during authentication.

So, how to install a Putty-generated RSA type of Public-key in OpenSSH authorized_keys file?

This is the latest “silent” screencast in WalkerNews Channel @ YouTube (alive with background music from AudioSwap):

If you’re on fast and stable connection, please click the HQ button on for watching this screencast in high quality video mode.



As you’ve seen, the trick is to modified a Puttygen-generated public-key to the format of OpenSSH-generated public-key:

1) Edit Putty-generated public-key file with Vi editor,

Original RSA type of public-key generated by Puttygen program.
Original RSA type of public-key generated by Puttygen program.

2) Delete the first two and the last line,

3) Join the remaining lines into one single line, by using the Shift+J command shortcut. Remember to trim space between two line joined by CTRL+J command.

4) Insert ssh-rsa keyword (with one trailing space) in front of the single line.

5) [ OPTIONAL ] Append Login_ID@Host_name keyword (with a initial space) at the end of the single line (replace Login_ID and Host_name with your SSH login ID and host name accordingly).

Modified, tweak RSA type of public-key generated by Putty client program, to be installed into OpenSSH authorized_keys file.
Modified, tweak RSA type of public-key generated by Putty client program, to be installed into OpenSSH authorized_keys file.

6) Append the modified, tweaked Putty-generated public-key (RSA type) to OpenSSH authorized_keys file.

Now, Putty is able to login OpenSSH server with its own set of public-key and private-key pair:

Trick to fix Server Refused Our Key in Putty.


Custom Search
  1. anonymous May 8th, 2009 9:52 PM

    thanks a lot, this not working annoyed the hell out of me, know everything works fine, ta

  2. matt_b July 7th, 2009 4:15 PM

    Thanks for this tip – I was banging my head off the desk trying to get my Windows box to SSH into my ESXi box without a password, and this solved the problem :)

  3. XPaY August 27th, 2009 7:16 PM

    Hi,

    Thanks I was tring to fix this problem since 2 hours!

  4. Montall October 11th, 2009 6:32 AM

    Message “Server refused our key” can be generated even if you will follow these instructions – remember that permissions for .ssh or authorized_keys should exactly follow grants issued with “chmod 700″ for .ssh and “chmod 600″ for authorized_keys.

  5. nay October 21st, 2009 9:24 PM

    Thanks very much, very didactic and helpfull

  6. Shri October 27th, 2009 5:32 PM

    After following your steps, I am getting the prompt for the pass phrtase, but after I enter that, it says “Server unexpectedly closed network connection”.
    Please help.

  7. Walker October 29th, 2009 10:21 PM

    Mostly likely that is caused by too many packet loss, i.e. run a continuous ping to the server, from where you run SSH.

  8. zoehighland December 14th, 2009 1:32 PM

    If I followed the steps,including generating and editing the key, as well as chmod command, is there any other reasons which may cause the “server refused our key”.

    Another Hint: there is another key in a file named know_hosts, and I even tried to edit the key according to this file’s format. I failed again.

  9. Jay December 24th, 2009 7:21 AM

    Thanks for the tip, it helped out greatly. I was able to get it to work and still leave the first line and last two lines in the public key. All I did was concatenate the hash lines into one line and add the ssh-rsa + space part at the beginning. This was important to me because I am trying to automate creating connections between putty and a server so the less I have to edit the file, the less programming I have to do to auto-fix the file

  10. Nick January 14th, 2010 4:49 PM

    Thanks man !!

  11. LeSon January 25th, 2010 10:52 PM

    Thank you!
    Very greate!