r1 - 14 Nov 2007 - 10:41:58 - RajMathurYou are here: TWiki > 
Main Web > KandalayaDocuments > UsingKeysWithPutty
Main Web > KandalayaDocuments > UsingKeysWithPuttyUsing keys with Putty and WinSCP (WinSCP3)
OK, so you have a shiny new Linux server with OpenSSH enabled on it, and you want to make it more secure. One step on the way to doing this is to disable password-based logins. Then only people who have an enabled key can login to the server. But what about the Winduhs users? No problems, they can use Putty to login to a shell and WinSCP for file browsing. Here's how they use key-based logins. Here's the 3-step process for setting up and using private keys with Putty & co.- Generate Putty private key (and corresponding OpenSSH public key).
- Enable key on SSH server.
- Use the private key to login to the server.
Generate private keys for Winduhs users
Putty private keys are typically named something.ppk. On Winduhs you can use puttygen (part of the complete putty.zip distribution) to generate private keys. When you use puttygen to generate a .ppk, be sure to also create the corresponding OpenSSH public key -- you will need this in the next step. OK, so you have created two files using puttygen: myname.ppk (the Winduhs key) and myname.pub (the corresponding OpenSSH public key). Don't try to look into them unless you like reading gobbledegook. You DID choose a strong pass phrase for you key, didn't you? If you didn't, Go directly to Jail, Do Not Pass Go, Do Not Collect Rs 200.Enable the key on the OpenSSH server
Copy the myname.pub file you created in the previous step to the server. Enable it in theauthorized_keys file for the user. Enough documentation on that on the 'net.
Use your private key to login to the server
Start up Putty and give your connection details. Don't press Open yet! Now go to the Connection/SSH/Auth tab on the left, and load up myname.ppk in the ``Private key file for authentication'' box. If you want to login to a specific account on this server you could also put that userID in the ``Auto-login username'' box in the Connection/Data tab. If you plan to use this connection frequently you should save it as a Session in the Sessions tab. Then the next time you need to connect to the same server you can load up the saved session and all your connection information will magically get restored. Specifying the key is simpler in WinSCP -- just enter the key file in the ``Private key file'' box. When you connect using this key you will be prompted for the pass phrase for the key. In the default configuration, you will need to enter it every time you use the key. You could also use the putty key agent to store your pass phrase, but I strongly advise against that. -- RajMathur - 14 Nov 2007
Main Web
Create New Topic
Index
Search
Changes
Notifications
Statistics
Preferences
TWiki Tip of the Day
File attachments
One can attach files to any topic. The action of attaching a file to a topic is similar to attaching ... Read on
One can attach files to any topic. The action of attaching a file to a topic is similar to attaching ... Read on
CommonsConvergence |
|
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback