Tuesday, April 10, 2012

SSH Keys Authentication With PuTTY

SkyHi @ Tuesday, April 10, 2012

5 Generate A Private/Public Key Pair

We can use PuTTYgen to create a private/public key pair. Start it by double-clicking its executable file. Make sure you select SSH-2 RSA underType of key to generate and specify 1024 as the Number of bits in a generated key. Then click on Generate:
Please move the mouse pointer over the blank area during the key generation to generate some randomness:
Now a private/public key pair has been generated. Under Key comment, you can enter any comment; normally you use your email address here. Then specify a Key passphrase and repeat it under Confirm passphrase. You'll need that passphrase to log in to SSH with your new key. Then click on Save publick key and save it in some safe location on your computer. You are free to choose a filename and extension, but it should be one that lets you remember for which system it is.
Then click on Save private key. You can save it in the same location as the public key - it should be a location that only you can access and that you don't lose! (If you lose the keys and have disabled username/password logins, then you can't log in anymore!) Again, you're free to choose a filename, but this time the extension must be .ppk:
Then copy the public key from the PuTTYgen window:

6 Save The Public Key On The Server

Then log in to your SSH server (if you have closed the previous SSH session already), still with the username and password, and paste the public key into the file ~/.ssh/authorized_keys2 (in one line!) like this:
mkdir ~/.ssh
chmod 700 ~/.ssh
vi ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EA[...]Lg5whU0zMuYE5IZu8ZudnP6ds= myname@example.com
That file must be write/readable only by that user, so we run
chmod 600 ~/.ssh/authorized_keys

7 Attach The Private Key To The PuTTY Profile

Now launch PuTTY again and load the profile of your SSH server (
Then go to SSH -> Auth and click on Browse:
Browse your file system and select your previously created private key:
Then go to Session again and click on Save:
Now we have attached the private key to our PuTTY profile.

8 Our First Key-Based Login

Now everything is ready for our first key-based login to our SSH server. Click on Open:
As you can see, the public key is now used for authentication, and you are asked for the passphrase (the one you specified in chapter 5):