1

I have read through every StackExchange Q/A I could find regarding SSH failing with key pairs from PuTTY. I generated an RSA key pair using ssh-keygen on macOS, used ssh-copy-id to copy the public key to the authorized_keys file on my server, and after disabling password authentication I was able to login to the server with the key pair successfully.

I then went over to my Windows PC, opened up PuTTYGen, imported the id_rsa (private key) file, and saved the private key to the ppk format. Yet, when I added this to my PuTTY>Connection>SSH>Auth>Priv.Key and tried logging into my server, I get server refused our key from the console window.

I have tried changing the number of bits from 2048 to 4096 in the PuTTYGen window (since the fingerprint says ssh-rsa 4096), I checked the permissions on the authorized_keys file (600) & its directory (700), used KiTTY and Solar PuTTY as alternatives, and changed the log level to DEBUG3 in the server's sshd_config. After the last, I noticed this:

debug1: trying public key file /root/.ssh/authorized_keys
debug1: fd 4 clearing O_NONBLOCK
debug2: key not found
debug1: restore_uid: 0/0
debug3: mm_answer_keyallowed: key 0x559259bd7e00 is not allowed
Failed publickey for root from 10.0.0.125 port 57253 ssh2: RSA SHA256:...

Honestly, I'm just at a loss for what to try next. I feel like I've tried everything, but I also don't know if I just don't understand the debug logs well enough. Any help is appreciated, thanks.

Improve this question
2
  • "I have tried changing the number of bits..." The number of bits is a property of the key which you're converting. You can't just change that while converting the key to a different file format. You might be generating a new key in puttygen rather than converting the old key.
    – Kenster
    Commented Apr 21, 2020 at 15:02
  • 1
    The "Parameters" section on the bottom on the PuTTYgen window has any effect only if you "Generate" new key. It has no effect (and the values are not even relevant to the key), when you are converting an existing key only.
    – Martin Prikryl
    Commented Apr 21, 2020 at 15:24

1 Answer 1

Reset to default
3

I had the same issue with the Putty using SSH private key converted to Putty format but server refusing to use it. My solution was:

  1. Download latest putty and puttygen: e.g. 0.76 from www.chiark.greenend.org.uk
  2. Regenerate Putty private key using updated puttygen
  3. Repeat login using latest putty configured to use the regenerated private key

For the private key conversion/export I used the default puttygen settings. The new putty private key ended up with the following header:

PuTTY-User-Key-File-3: ssh-rsa
Encryption: none
Comment: imported-openssh-key
Public-Lines: 6

Hope this helps

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .