OpenSSH Tutorial
From LinodeWiki
Contents |
[edit] Setting Public Keys Authentication with Putty
Putty is a great free SSH/Telnet Client. If you don't have it already, you can get a copy in the following link:
http://www.chiark.greenend.org.uk/~sgtatham/putty/
I recommend you to download all the tools availabe, for you convenience they are available in one Zip file.
Binaries for x86 and Alpha:
http://the.earth.li/~sgtatham/putty/latest/x86/putty.zip
http://the.earth.li/~sgtatham/putty/latest/alpha/putty.zip
Windows-style installer (x86 only) for everything except PuTTYtel
http://the.earth.li/~sgtatham/putty/latest/x86/putty-0.58-installer.exe
[edit] Create you private and public key pair
Connect to your GNU/Linux account using Putty and on the shell prompt type the following command.
ssh-keygen -b 2048 -t rsa -C comment -f ~/.ssh/id_rsa
This will generate your public and private keys, with 2048 bits strenght, RSA keys (version 2), add a comment of your preference. The keys will be stored on the directory indicated.
When generating the RSA keys you are asked to for a passphrase, it is not recommended to leave it blank. Use a strong passphrase that is easy to remember but hard to guess. As a minimum your passphrase must be 3 words long with at least 20 characters.
You will have to copy your new RSA private key to the computer where you have Putty installed.
One way for doing this is using the Secure Copy (SCP) program, from your GNU/Linux box type:
scp login@remote_domain.com:.ssh/id_rsa local_folder
You will have to append the RSA public key to your authorized keys file in the Linux box and change its access permissions:
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys2 chmod 600 ~/.ssh/authorized_keys2
[edit] Convert your RSA private key to Putty's format
You received the private key by SCP in the local folder you indicated but is in a format that Putty doesn't understand.
To convert it to Putty's format start puttygen.exe and import it thru the Conversions/Import Key menu.
You will be asked for your passphrase that you have used while running ssh-keygen. Also retype the comment; your email on that machine is a good candidate.
[edit] Setting up putty to use your private key
First we create a shortcut that starts the Putty Key Agent and loads our private key:
Click the right mouse key on the desktop (on an empty area), choose --> New --> Shortcut and type in (including "s):
"c:\programs\putty\pageant.exe" "c:\programs\putty\ssh_privkey.ppk"
Give the shortcut a name and enter [Finish].
NOTE: You will have to use the correct paths for the pageant.exe and RSA private keys
Test your new shortcut and if every thing works, you will be asked for your passphrase. Also a small blue computer with a black hat icon will appear on the taskbar.
Now use Putty to connect to your SSH server, type your login name and you should be logged in without typing a password.
You can configure your Putty Session to Auto-Login so you don't have to type your login name. On the Putty Configuration menu and in Connection/Data/Auto-login username type the username.
Resources:
