ssh woes on windows

[John Arbash Meinel]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mark Hammond wrote:
|> Yes. ssh.exe will notice that I have a key set up in ~/.ssh/config and
|> it will prompt me on the terminal to enter the password for it.
|
| Right.  My key is at $HOME/.ssh/id_rsa, so its possible ssh.exe would
do the same for me (although I can't seem to convince to work at the
moment).
|
| Either way, something is certainly strange at my end - from all
accounts, plink should be able to use my ssh2 key to establish a
connection to launchpad, but that is not happening for me.  Why I can
successfully upload to launchpad escapes me though, but that’s ok for now.
|

I've never had putty find a key for me. I always have to manually add it
(at which time it prompts me for the password.)

With 'ssh' it can talk to the remote server, and somehow figure out if a
key is going to work, and *then* prompt you to give the password for it.

To have putty use your ssh-keygen key, you have to convert it into
putty's format. The way you do that is to open up the "puttygen"
program, and under "Conversions" there is an Import Key feature.
Browse to your id_rsa key, and it will prompt you for your passphrase,
load it into memory, and then allow you to "save private key" to write
it back out into a putty .ppk file.

My best guess is that your key isn't properly uploaded to Launchpad.
Looking here:
https://edge.launchpad.net/~mhammond/+sshkeys

I only see a "ssh-dss" public key, which I believe is a "DSA" key, not
an RSA key. And IIRC, Launchpad no longer allows access via DSA keys.

So you need to go to:
https://edge.launchpad.net/~mhammond/+editsshkeys

And upload the "id_rsa.pub" key.

By the way, using "ssh -v" is a decent way to figure out if it is trying
to use a public key or not.


|> I suppose forcing it to paramiko and manually loading my key would be
|> an option.
|
| I'm still unclear how paramiko works with your keys: if you were using
paramiko instead of ssh.exe, how do you ask paramiko to load them, and
how do you enter the passphrase?  (I'm assuming paramiko can't use
ssh-agent, otherwise there doesn't seem a good reason to prefer ssh.exe,
unless paramiko also fails to prompt for the passphrase when ssh-agent
isn't running?)
|

ATM, I don't use paramiko :). If I *did*, I would load my ssh-keys
manually into pageant, and have it manage my win32 keys.

I like using ssh.exe because I have it configured already. It knows what
usernames I'm going to be using to access different hosts (jameinel
here, jam, there, bzr_conversion on that machine.) It knows if I have 3
different keys and I want to use a different one for each host. (Though
with any agent, you pretty much just load all your keys in, and then go
from there.)

Both paramiko and ssh are able to prompt for the passphrases on my keys.
You have to be a bit careful about where you put them.
Paramiko does seem to try "os.path.expanduser('~/.ssh/id_rsa')". On
Windows Vista this seems to be at:

C:\Users\jameinel\.ssh\id_rsa

I don't know where you are putting *your* keys.

|> I don't really know a way to get pageant to know that there is
|> a
|> key out there that it *should* be using, and prompting the user for the
|> passphrase. I've only seen the manual "add this key" for pageant. Which
|> paramiko (and supposedly putty) can then try to use when connecting.
|
| Pageant will prompt for the passphrase as it loads the key.
|
| To clarify, what are your current thoughts on how we should determine
the ssh vendor to use?
|
| Thanks,
|
| Mark
|
|

plink seems generally broken, since any time it prompts you it will have
to just hang. So I would downgrade it again, so that we never autodetect
it. Only if the user manually requests it, will we use it.

Then I would autodetect ssh, and fall back to paramiko.

John
=:->
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkhnpngACgkQJdeBCYSNAAOX9QCeOUYI6E8MtxhJmEAf8G/svO5o
Y64AoIpPIikaKXBpvwkDZyZhw4rKCeq+
=jZXx
-----END PGP SIGNATURE-----