Regenerate public key

2

I tried googling my question without finding any answer that works...

I have an id_dsa private key, but I "lost" my public key.

When I generate a new public one with ssh-keygen -yf .ssh/id_dsa > .ssh/id_dsa.pub , ssh starts asking me for a password instead of a passphrase.

Could it be related to xattr on that file? If so, I did not find how to set the appropriate xattr on id_dsa.pub.

Any idea how to regenerate my public key? (other than generating a new key pair ^^)

Thanks for the time you spent reading me ;-)

[edit]

Hope this helps

Output of ssh -v someserver

OpenSSH_7.3p1, LibreSSL 2.4.1
debug1: Reading configuration data /Users/***/.ssh/config
debug1: /Users/***/.ssh/config line 53: Applying options for aliasname
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 20: Applying options for *
debug1: Connecting to ftp.some-server.com [213.186.some.ip] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /Users/***/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/***/.ssh/id_rsa-cert type -1
debug1: identity file /Users/***/.ssh/id_dsa type 2
debug1: key_load_public: No such file or directory
debug1: identity file /Users/***/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/***/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/***/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/***/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/***/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.0p1
debug1: match: OpenSSH_6.0p1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to ftp.some-server.com:22 as 'aliasname'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: [email protected] compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: [email protected] compression: none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:**********************
debug1: Host 'ftp.some-server.com' is known and matches the RSA host key.
debug1: Found key in /Users/***/.ssh/known_hosts:2
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: Skipping ssh-dss key /Users/***/.ssh/id_dsa - not in PubkeyAcceptedKeyTypes
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/***/.ssh/github_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /Users/***/.ssh/id_rsa
debug1: Trying private key: /Users/***/.ssh/id_ecdsa
debug1: Trying private key: /Users/***/.ssh/id_ed25519
debug1: Next authentication method: password
    
asked by Michael 22.02.2017 - 16:42

1 answer

2

The DSA key is not used because of

Skipping ssh-dss key /Users/***/.ssh/id_dsa - not in PubkeyAcceptedKeyTypes

You really should use RSA or some other key type. DSA is not recommended, because it has a fixed size of 1024 bits, which is not enough nowadays.

If you really have to use it, you can add it to your ~/.ssh/config

PubkeyAcceptedKeyTypes +ssh-dss

as described in the official documentation for legacy algorithms.

    
answered by Jakuje 16.03.2017 - 16:03
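
Added example (not part of the original question or answer): a small shell helper that reads `ssh -v` output and reports which keys the client never offered because of PubkeyAcceptedKeyTypes, which keys it did offer or try, and which method it ended on. The function names and the sample log with its paths are constructed for illustration; the patterns assume the OpenSSH 7.3 debug line format shown in the question.

```shell
#!/bin/sh
# Added example: explain a password fallback from `ssh -v` output.
# Patterns follow the OpenSSH 7.3 debug format shown in the question.

# "<algorithm> <path>" for each key the client refused to offer.
skipped_keys() {
    sed -n 's/^debug1: Skipping \([^ ]*\) key \(.*\) - not in PubkeyAcceptedKeyTypes$/\1 \2/p'
}

# Path of every key the client did offer or try.
tried_keys() {
    sed -n -e 's/^debug1: Offering [^:]*: \(.*\)$/\1/p' \
           -e 's/^debug1: Trying private key: \(.*\)$/\1/p'
}

# Last authentication method the client moved on to.
final_method() {
    sed -n 's/^debug1: Next authentication method: \(.*\)$/\1/p' | tail -n 1
}

# Read a verbose log on stdin and print one line per finding.
diagnose() {
    log=$(cat)
    printf '%s\n' "$log" | skipped_keys | while read -r alg path; do
        echo "never offered: $path ($alg not in PubkeyAcceptedKeyTypes)"
    done
    printf '%s\n' "$log" | tried_keys | while read -r path; do
        echo "offered or tried: $path"
    done
    echo "final method: $(printf '%s\n' "$log" | final_method)"
}

# Constructed sample log (hypothetical paths), not the asker's real output.
sample_log() {
cat <<'EOF'
debug1: identity file /home/user/.ssh/id_dsa type 2
debug1: Skipping ssh-dss key /home/user/.ssh/id_dsa - not in PubkeyAcceptedKeyTypes
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/user/.ssh/other_rsa
debug1: Trying private key: /home/user/.ssh/id_rsa
debug1: Next authentication method: password
EOF
}

sample_log | diagnose
```

ssh writes its debug lines to stderr, so save them with `2> ssh-debug.log` and run `diagnose < ssh-debug.log` on the saved file.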
