SSH RSA key and passphrase with umlaute rejected. Why can't I use umlaute?

6

I'm using Windows PuTTY to access my Linux Server running Ubuntu Server 14.04

I've successfully created an RSA key with password, logged in and placed it into ~/.ssh/authorized_keys. PuTTY is configured to use this private key.

SSH Handshake works on first try and server asks for my RSA password. I insert it and he says that it's the wrong password.

My Password contains numbers, special characters and german Umlaute (ÄÖÜ) (I'm german which means that I have these keys on my keyboard)

I suspect that it either doesn't transmit my Umlaute (mutated vowel) or that Linux and/or SSH doesn't support these characters

Does anyone know what I can do about it?
I would love having numbers, currency characters and Umlaute in my Password because they're considered very safe.
My password isn't very long - Maybe SSH has a minimum char amount?
(It's short because I want to type it fast while making it hard for bruteforce attacks due to rare characters)

Do I need to configure SSH and/or Linux in a special way? My Ubuntu Server is completely in English but the server shouldn't be surprised by these characters because I set the keyboard layout to german on setup and it worked fine.

I hope that this is enough information.
Would be cool if you guys know a solution.

Image

BlueWizard

Posted 2015-10-24T14:29:02.243

Reputation: 298

If you think it's because you're using less common characters such as ü or ø it might be worth testing with a password that contains only regular US characters. I would be surprised though if non-US characters were (still) a problem these days – roaima – 2015-10-24T14:33:43.567

have you check with putty setting that special char are transmitted to putty ?. simply log in with a trivial/temporary password, and try echo 'é' (or whatever) does the 'é' show up ? I'll give a try, but on monday. – Archemar – 2015-10-24T14:56:50.440

Yes, echo ö works. I'm surprised on how hard this question is. I thought you guys just would say "nah, umlaute are forbidden" and the question would be answered. I also checked that I didn't mistyped the password while RSA key creation – BlueWizard – 2015-10-24T15:01:35.480

The key passphrase is only used locally to decrypt an encrypted key file. It's not transmitted to the remote server. Whatever problem you are having is strictly with the putty software on your PC. – Kenster – 2015-10-24T15:29:19.657

Maybe PuTTYgen uses native Windows encoding (UCS-2/UTF-16?) but inside the PuTTY terminal is using the remote encoding (probably defaults to UTF-8)? Try changing Settings->Window->Translation remote character set, or consider using PuTTY's SSH agent Pageant. – Mikel – 2015-10-24T17:27:26.813

Answers

3

Characters outside the basic printable US-ASCII set aren't necessarily forbidden in passwords, but they're a bad idea because you can easily run into encoding issues. Take the character "Ü" (capital U with umlaut) -- in UTF-8 encoding that's C3 9C (hexidecimal)... or it might be encoded as a plain "U" plus a combining umlaut (hex 55 CC 88), or in ISO 8859-1 (hex DC) or in CP437 (hex 9A) or ...

If different programs use different encodings, you can type the "same" password into them and get two (or more) different encodings, and hence they're not the same as far as the password/passphrase/etc-checking system is concerned. In your case it sounds like this is just the passphrase to decode your private key, so it's just a question of whether ssh and PuTTY use the same encoding -- if it was actually the password for the remote system, then you'd also have to worry about various programs trying to translate it for "compatibility" and possibly messing things up in even weirder ways.

I'd recommend sticking to characters in the basic printable ASCII set -- yes, adding characters outside this makes them significantly harder to crack, but it also makes them significantly harder for you to use, and IMO it's not a good trade-off.

Gordon Davisson

Posted 2015-10-24T14:29:02.243

Reputation: 28 538

2makes sense but doesn't solve my Problem :) – BlueWizard – 2015-10-25T05:31:47.390

Asked: 2015-10-24T14:29:02.243

Viewed: 579 times

Active: 2015-10-24T22:49:43.513