ssh public key?

What’s the secret (pun intended) to putting a public key into a TS16 user?

I keep getting the message across the top bar saying:

The specified SSH public key does not seem to be valid

We’re using standard issue openssh in centos5. Here’s how I generated the key:

rancid $ ssh-keygen -t rsa -b 1024 -C"rancid auto logins"
Generating public/private rsa key pair.
Enter file in which to save the key (/home/rancid/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/rancid/.ssh/id_rsa.
Your public key has been saved in /home/rancid/.ssh/
The key fingerprint is:
c6:0b:56:41:29:0f:d0:c4:e2:27:82:b6:9b:16:f9:eb rancid auto logins


rancid $ cat .ssh/
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwqM2JoymNSqkIHrPTfCIDl2v2ozNMq4vJiqr3pUIQ4cbwPUXroh77rI9dxFIud/Aqf1n7J2DvYhBP/t4c/B4fR1ukXThKG0a8u/GQC+ROjGZzHAJO2P2gv/w9fRSqO04NDS4EDHHlZnMxLwfI5fVlkYZOExw47c+ren1WpamMM0= rancid auto logins

copy the part beginning with ssh-rsa inclusive, and ending with logins inclusive, past it into the TS16 Enable SSH Public Key Authentication box, click Apply, get the above error.

What am I missing here?


I do not know Linux, but I do know that the PortServer needs to use an SSH-2 DSA key,not the SSH-1/2 RSA key. Try using a DSA key and see if you are able to get the PortServer to accept it.

Only DSA keys are supported in these products.

ok, dsa worked. Rats. Yet -another- token to have to keep track of.

The IP issues with RSA have been resolved. Does anyone know if there are plans to correct the dsa-only limitation in the portserver boxes? If not, does anyone know who the decision-maker is for something like this?

I recommend contacting Digi Tech. Support to have an Engineering Change Request written for Product Management review/decision

Thank you.

Sounds like a reasonable idea. Understand someone who knows what they are going to have to upload your public key, but just in case, we might “call the SSH public key” to be completely self-documenting and hope that those who do not know what they discouraged 're really are doing something stupid. :wink: