Kirk’s Tech Diary

I made a strong step forward in securing my remote admin of our proxy server by changing SSH to only work with an authorized RSA key.  I followed the directions in several HOWTOs, but kept getting a “Server refused our key” error.  Fortunately, I found Andre Molnar’s useful page on How to set up SSH keys: Frustration with “Server refused our key”

I followed the directions at the bottom of the page, designated the private key file in both PuTTY and WinSCP and away we went.  Make sure to set PasswordAuthentication to “no” in /etc/ssh/sshd_config.  This will force the use of an authorized key, and prevents normal username/password logins.

Oh, the other key point is to set the auto-login username in PuTTY.  If this is set, PuTTY will pass that username and the key.  If it is not set, PuTTY will try to use a normal username/password login which we disabled by setting PasswordAuthentication to no.

This entry was posted on Friday, May 9th, 2008 at 8:06 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.