I may be off base but I have seen this a few times where your are using a form of openssh and the?target is tectia or another product like that that uses the .SSH2 client. I believe you need to convert your key, see below. Maybe this is it. If not, and you have control over the remote, have them start the ssh server in debug mode,? sshd -d -d -d and it will show why your request is being rejected, cryptic but you will see it. You can also at the same time debug the client with -v -v -v options on the ssh line
Case 1. OpenSSH server and SSH2 client
Suppose you already generated an RSA2 key pair on your SSH2 client machine, and the public key is stored at ~/.ssh2/id_rsa_1024_a.pub.
The following procedure applies to DSA key pairs too.
Copy your SSH2 public key from your SSH2 client machine to your OpenSSH server like:
Once this is done, the .pub files you created are no longer needed so you can remove them if you like.?
Now your SHH2 client should be able to connect to the OpenSSH server with the public key authentication.
Case 2. SSH2 server and OpenSSH client
Note that RSA2 is not working on ISI's SSH2 servers at the the time the guide is written. DSA works fine, so you should generate a DSA key pair with the ssh-keygen on your OpenSSH client machine. By default, the public key is stored at ~/.ssh/id_dsa.pub.
Run the OpenSSH version of ssh-keygen on the OpenSSH client machine to convert the OpenSSH public key into the format needed by SSH2:?
Copy this SSH2 public key to your .ssh2 directory on the SSH2 server:
scp ~/.ssh/dsa_ssh2.pub server:.ssh2/dsa_ssh2.pub
If you can't copy the public key because the password authentication is disabled, you can email it to the system administrator and ask him/her to do the following for you (~/ is your home directory).
Add this new pub key to the authorization on the server:
echo Key dsa_ssh2.pub >> ~/.ssh2/authorization
Once this is done, the temporary .pub file you created on the OpenSSH client is no longer needed so you can remove it. DO NOT remove the .pub file you just copied to the SSH2 server.
Now your OpenSSH client should be able to connect to the SSH2 server with the DSA public key authentication
From: Steve McKay <steve.mckay@xxxxxxxxxxx>
Sent: Wed, 12 Mar 2008 11:11 am
Once again, we're attempting to use SFTP (yes, the one in SSH) to connect to
a business partner's server. I've done the ssh-keyscan and have gotten
their public key (I think) and have done ssh-keygen and created my
private/public keys (I think). Do they have to install my public key on
When I 'call qp2term' and enter 'sftp myuserid@xxxxxxxxxxxxxxx', I get the
This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact