-1

Doing a challenge at work. Managed to get netcat to connect to a server. In /home/SomeUser there is a .ssh folder with the usual suspects:

authorized_hosts 
authorized_keys 
id_rsa
id_rsa.pub
known_hosts
known_hosts.back

My question is, now that I can see this (via netcat) how could I now SSH into the server?

pee2pee
  • 277
  • 3
  • 18

1 Answers1

2

You probably can't.

The only information you can get out of this is:

  • id_rsa*: key pair probably created at some point and never used. Even then, the private key is probably passphrase protected.
  • authorized_keys: will list the public keys that can be used to ssh in as that user. If you have access to one of the matching private keys, then great: you're in. Otherwise it doesn't help you much.

Now, if you could modify any of this (well, you would already be in, wouldn't you?) you could add your public key to authorized_keys.

Marc
  • 4,091
  • 1
  • 17
  • 23
  • I echo'd my public key to authorized_keys and imported the ppk into putty but it still says the server refused the key – pee2pee Dec 17 '17 at 22:43
  • So you can modify files on the remote host. How is that not already having access to it? – Marc Dec 17 '17 at 22:44
  • As part of the challenge is to connect via SSH – pee2pee Dec 17 '17 at 22:46
  • 3
    Ok, then make sure you 1) added the key in the right format ("ssh-rsa "), 2) passed the right key to putty (I don't know how putty uses keys, I just know plain ssh), 3) tried logging in with the right user. Also make sure you don't modify the permissions on the `authorized_keys` file or sshd will reject it. – Marc Dec 17 '17 at 22:47
  • @pee2pee - further to Marcs comment key based authentication may be disabled by the server. If you can access the config check it and if necessary modify then restart the server. – Hector Dec 18 '17 at 14:34