Windows, Net::SSH: how do I use a private key (w / password)

Private key authentication works with this user, I know because I use it
fine with Putty.

Here is my script right now:

require ‘rubygems’
require ‘net/ssh’

Net::SSH.start( ‘files02’, ‘myuser’, ‘mypassword’ ) do |session|
session.open_channel do |channel|
channel.on_data do |ch, data|
puts data
end

channel.exec "echo \"hello\""

end

session.loop
end

and it works, but I would prefer it to use a private key for the
authentication and then prompt for the key’s password. In the
documentation it says it will automatically look for a key in certain
places, but the places are unix paths and this needs to run from a
Windows (XP) box.

On Apr 15, 6:45 pm, James D. [email protected] wrote:

channel.on_data do |ch, data|

and it works, but I would prefer it to use a private key for the
authentication and then prompt for the key’s password. In the
documentation it says it will automatically look for a key in certain
places, but the places are unix paths and this needs to run from a
Windows (XP) box.

You will need a few things:

Pageant (from PuTTY) is like a ssh keyring that hold all your private
keys. Also, you need to create a PuTTY session with the same name of
your server (files02) and put into Connection -> Data the username
you’re using to log into the server.

That’s what I’m using with capistrano and other Net::SSH things that I
cannot disclose, and worked without issues.

HTH,

Luis L. wrote:

On Apr 15, 6:45 pm, James D. [email protected] wrote:

channel.on_data do |ch, data|

and it works, but I would prefer it to use a private key for the
authentication and then prompt for the key’s password. In the
documentation it says it will automatically look for a key in certain
places, but the places are unix paths and this needs to run from a
Windows (XP) box.

You will need a few things:

Pageant (from PuTTY) is like a ssh keyring that hold all your private
keys. Also, you need to create a PuTTY session with the same name of
your server (files02) and put into Connection -> Data the username
you’re using to log into the server.

That’s what I’m using with capistrano and other Net::SSH things that I
cannot disclose, and worked without issues.

HTH,

So, Net::SSH will pull a key from Pageant? I was hoping for something a
little more portable, like being able to tell it to use a key located in
the same directory as the script.

On Tue, Apr 15, 2008 at 6:45 PM, Luis L. [email protected]
wrote:

Windows (XP) box.

http://rubyforge.org/tracker/?atid=1126&group_id=274&func=browse


Luis L.

I think you can probably do this now, but there are some quirks. You
can pass in a :keys option to Net::SSH.start[1] and point it to your
keys (I think you need both the private and public key on your side).
Also, putty private keys aren’t the same as OpenSSH keys. PuttyGen
has an option to convert to OpenSSH keys, but I didn’t have any luck
using that with Net::SSH. Net::SSH does include a keygen tool
(rb-keygen) that I used to generate a set of keys, and after setting
up that pub key on the SSH server, I was able to connect.

Hope that helps,

Gordon

[1] http://net-ssh.rubyforge.org/chapter-2.html#s3

Gordon T. wrote:

On Tue, Apr 15, 2008 at 6:45 PM, Luis L. [email protected]
wrote:

Windows (XP) box.

http://rubyforge.org/tracker/?atid=1126&group_id=274&func=browse


Luis L.

I think you can probably do this now, but there are some quirks. You
can pass in a :keys option to Net::SSH.start[1] and point it to your
keys (I think you need both the private and public key on your side).
Also, putty private keys aren’t the same as OpenSSH keys. PuttyGen
has an option to convert to OpenSSH keys, but I didn’t have any luck
using that with Net::SSH. Net::SSH does include a keygen tool
(rb-keygen) that I used to generate a set of keys, and after setting
up that pub key on the SSH server, I was able to connect.

Hope that helps,

Gordon

[1] http://net-ssh.rubyforge.org/chapter-2.html#s3

I actually generated the key with ssh-keygen on the linux server (which
needs to be converted to use with Putty, but I expect to use the
unconverted key with the ruby script). What is the syntax of using the
:key parameter? Is it like this?

Net::SSH.start( ‘files02’, :keys=>[‘C:\key_name’] ) do |session|

assuming of course the key file is named ‘key_name’ and resides directly
under the c: drive. Do you put in the name the public key to? (With
Putty and openSSH clients I only need the private key on the client)

On Apr 15, 8:27 pm, James D. [email protected] wrote:

You will need a few things:

So, Net::SSH will pull a key from Pageant? I was hoping for something a
little more portable, like being able to tell it to use a key located in
the same directory as the script.

AFAIK, it relly on plink, plink accepts provide a private key file (-
i), but I didn’t see how that will fit into Net::SSH code.

Maybe you can request it as feature:

http://rubyforge.org/tracker/?atid=1126&group_id=274&func=browse

On Wed, Apr 16, 2008 at 12:33 AM, James D. [email protected]
wrote:

Putty and openSSH clients I only need the private key on the client)

Here’s what I tried, the keys are in the same directory as the script,
so no path.

C:\ruby>ruby -v
ruby 1.8.6 (2008-03-03 patchlevel 114) [i386-mingw32]

C:\ruby>gem li net-ssh

*** LOCAL GEMS ***

net-ssh (1.1.2)

test_ssh.rb

require ‘net/ssh’
Net::SSH.start( ‘local’ , :keys =>[‘private_key.priv’]) do |session|

do stuff

end

I had to rename my public key to private_key.priv.pub (so, name of
private key, with a .pub extension), or it would throw an error.
Right now, I’m testing against a cygwin ssh server on my local
machine. I’ll look at it some more when I get in to work and can test
against a “proper” ssh server.

On Wed, Apr 16, 2008 at 7:24 AM, Robert D. [email protected]
wrote:

know it does not make a lot of sense but happened to me, but maybe the
person sending me the key made an error on the client ( spelling as
PuTTY )
HTH
Robert

Ok, the trick for me was to export the PuTTY private key to an OpenSSH
key in PuTTYgen, then cut and paste the public key into a file, rather
than using the “Save public key” button.

C:\ruby\scripts\ssh_test>dir /b
key
key.pub
ssh.rb

C:\ruby\scripts\ssh_test>ssh.rb
Wed Apr 16 10:01:24 CDT 2008

ssh.rb

require ‘net/ssh’

Net::SSH.start( ‘server’ , :keys =>[‘key’]) do |s|
s.process.popen3( “date” ){ |input, output, error| puts output.read
}
end

On Wed, Apr 16, 2008 at 6:01 AM, Gordon T. [email protected]
wrote:

I think you can probably do this now, but there are some quirks. You
can pass in a :keys option to Net::SSH.start[1] and point it to your
keys (I think you need both the private and public key on your side).
Also, putty private keys aren’t the same as OpenSSH keys. PuttyGen
has an option to convert to OpenSSH keys, but I didn’t have any luck
using that with Net::SSH.
AFAIR you still need to use keygen to convert the key a second time. I
know it does not make a lot of sense but happened to me, but maybe the
person sending me the key made an error on the client ( spelling as
PuTTY )
HTH
Robert


Whereof one cannot speak, thereof one must be silent.
Ludwig Wittgenstein

Gordon T. wrote:

On Wed, Apr 16, 2008 at 7:24 AM, Robert D. [email protected]
wrote:

know it does not make a lot of sense but happened to me, but maybe the
person sending me the key made an error on the client ( spelling as
PuTTY )
HTH
Robert

Ok, the trick for me was to export the PuTTY private key to an OpenSSH
key in PuTTYgen, then cut and paste the public key into a file, rather
than using the “Save public key” button.

C:\ruby\scripts\ssh_test>dir /b
key
key.pub
ssh.rb

C:\ruby\scripts\ssh_test>ssh.rb
Wed Apr 16 10:01:24 CDT 2008

ssh.rb

require ‘net/ssh’

Net::SSH.start( ‘server’ , :keys =>[‘key’]) do |s|
s.process.popen3( “date” ){ |input, output, error| puts output.read
}
end

Hey it works. I also added in the username parameter. Now the sucky
thing is, it displays the password when typing it in.

Anybody know how to hid the password while typing it? Either don’t
display anything, or replace each character with * ?

For what it’s worth, here is my script with all the rubyscript2exe and
keyfile issues resolved:

require ‘rubygems’
require ‘net/ssh’
require ‘rubyscript2exe’

RUBYSCRIPT2EXE.dlls = [“zlib.dll”]
RUBYSCRIPT2EXE.bin = [“rsa_key”, “rsa_key.pub”]

if RUBYSCRIPT2EXE.is_compiled?
keyfile = RUBYSCRIPT2EXE.appdir[0…-4] + ‘bin/rsa_key’
else
keyfile = ‘rsa_key’
end

puts
puts “WARNING!! The password will be displayed as you type.”
puts “Make sure there are no prying eyes!!”

Net::SSH.start( ‘files02’,
:username=>‘myusername’,
:keys=>[keyfile] ) do |session|

system(“cls”)
unless RUBYSCRIPT2EXE.is_compiling?

session.open_channel do |channel|
  channel.on_data do |ch, data|
    puts data
  end
  channel.exec "ls -al"
end
session.loop

end
end

Just make sure zlib.dll, rsa_key (the private key), and rsa_key.pub (the
public key) are in the same directory as the script, and it compiles
just fine with rubyscript2exe, pulling in everything you need.

The password that is being prompted is because I have a password on my
key file. I’m going to try to hack this file
net-ssh-1.1.2/lib/net/ssh/transport/ossl/key-factory.rb to make the
password prompt a little more friendly (not showing the full file name,
and hiding the password as it’s typed).

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs