![]() An immediate advantage of this method over traditional password authentication is that you can be authenticated by the server without sending your password over the network. However, they need a full X.509 certificate as "-cert" just the public key isn't enough, as it would be for SSH. SSH keys are a way to identify yourself to an SSH server that uses public-key cryptography and challenge-response authentication. Add your key (s) to that and then set the local proxy command to: plink -agent -l user proxyhost -nc host:port That will tell plink to use the pageant keys to authenticate to both hosts. The s_client options -cert and -key are of course for authenticating to the TLS server. 1 The best way I've found to do this is similar to what you've got, but you need pageant running. (Don't need this for ~/.ssh/id_rsa though – it is used by default.) If you have a SSH keypair, you'll need to specify it as an option to ssh as well: ssh -i ~/.ssh/id_workplace -o Prox圜ommand. ![]() Usually ssh connects to the server over TCP directly, but you can use the Prox圜ommand option tell it to go through another program: ssh -o Prox圜ommand="openssl s_client -connect localhost:7000 -quiet" dummyname Start the ssh-agent eval '(ssh-agent -s)' Add the private key to the ssh-agent ssh-add /.ssh/idrsa Connect to the remote server using the private key ssh rver ssh-agent /. The prompt you're seeing is the initial SSH handshake, and the server expects you to reply to it therefore, you still need to run a program like ssh that would talk the SSH protocol on top of the TLS tunnel. Once that's done, however, it merely transfers arbitrary data from one end to another. The openssl s_client tool is purely a TLS (SSL) client it is capable of peeling away the TLS layer that HAproxy or stunnel might add. This section will walk you through how to generate these keys and add them to a host. You are confusing the clients of two completely different protocols. SSH public key authentication is a convenient, high security authentication method that combines a local 'private' key with a 'public' key that you associate with your user account on an SSH host.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |