Authentication: Using Common SSH1 keys in Linux and Windows XP.

["Tom Wason" <wason mindspring com>]

Authentication: Using SSH1 keys in common in Linux and Windows XP. I have a
dual boot system and need authentication from the same site for both OSes.

I am able to mount and see the Windows XP partitions from Linux. I won't go
into the grief entailed in setting this up. I can copy from the XP
partitions, but cannot write to them.  I presume this is normal (read-only).
Getting the security keys files from XP into Linux is not the problem.

Here is the problem: how do I set up Linux to use the keys?  I want to use
the same keys created under Windows under Linux, as I need to access a
remote CVS system from both.  CVS is a document management system.  The keys
in the XP system were generated with PuTTY and are used by pagaent.exe or
plink.exe.  These allow my XP CVS client (WinCVS) to access the CVS server.

I don't have the foggiest notion of how keys work or how they are associated
with a particular application.  It's nothing I need to know to do my work.
Right now, it is an obstacle. I want to just follow some simple instructions
and get to work. I've downloaded cervisia, a CVS client, I think.

The file names that appear to be of interest in Windows XP (in the "putty"
directory) are:

LAPCVS.KEY (1KB, Type = KEY file))
LAPCVS.KEY.PPK (1KB, Type = PPK file))
LAPCVS.PUBLIC.KEY (Type = KEY file)

The 1KB size is the XP value; Linux gives 2 as 540 bytes, the third is
smaller.  I forget which.

Instructions that were sent out in my organization for setting up the RSA
SSH1 key on Unix are as follows (names have been changed to protect the
innocent...):

------------------------------

Unix steps, for an existing CVS client install:

1) ssh-keygen -t rsa1 -b 1024 -C person project org (generates a
1024 bit RSA1 key)
2) more ~/.ssh/identity.pub (look in this file, and copy contents to
the public keys page on LAP site)
3) export CVSROOT=:ext:person cvs project org:/cvsroot/
4) export CVS_RSH=ssh
5) make sure SSH only uses SSH1 protocol (it seems the LAP server only
likes v1 - this is a potential security hole)
6) to check it worked - I executed the following:

ssh person cvs project org -v -v
cvs status
mkdir testing
cvs add testing
cd testing/
cvs -d $CVSROOT co -l .
mkdir test
cvs add test

I got the following:

Directory /cvsroot/test added to the repository

----------------

These are pretty cryptic instructions, at best.  I am very new to Linux. I
am in the midst of a group of highly technical people.  I am a consultant,
and can't pester them with questions that they may feel are of the training
wheels level.

These folks give instructions for generating a new key in Unix land.  I'd
like to take over my XP keys into Linux so that I have the same
authentication of the two different OSes.  Is this possible? I presume the
SSH1 authentication engine in Linux is not the same as the one is XP. I
presume that if I attempt to generate a new key with the remote server, the
old one will be flushed, as the "person    " would be the same.  Our access
rights within CVS are set up relative to "person    "

--Tom


Thomas D. Wason, Ph. D.
tom wason ieee-isto org
+1 919.839.8187
http://www.ieee-isto.org
IEEE Industry Standards & Technology Organization
http://www.twason.com