Table of Contents
Introduction
SSH can handle authentication using a traditional username and password combination or by using a public and private key pair. The SSH key pair establishes trust between the client and server, thereby removing the need for a password during authentication. While not required, the SSH private key can be encrypted with a passphrase for added security.
Copy your public key data from the 'Public key for pasting into OpenSSH authorizedkeys file' section of the PuTTY Key Generator, and paste the key data to the 'authorizedkeys' file. Make sure there is only one line of text in this file. Upload the key to a Linux server. The private keys need to be stored and handled carefully, and no copies of the private key should be distributed. The private keys used for user authentication are called identity keys. Setting Up Public Key Authentication for SSH. The following simple steps are required to set up public key authentication (for SSH).
Use the ssh-keygen command to generate SSH public and private key files. By default, these files are created in the /.ssh directory. You can specify a different location, and an optional password (passphrase) to access the private key file. If an SSH key pair with the same name exists in the given location, those files are overwritten. This is for the private key. Now you need to introduce your public key on Server 2. Again a quote from man ssh: /.ssh/authorizedkeys Lists the public keys (RSA/DSA) that can be used for logging in as this user. The format of this file is described in the sshd(8) manual page.
The PuTTY SSH client for Microsoft Windows does not share the same key format as the OpenSSH client. Therefore, it is necessary to create a new SSH public and private key using the PuTTYgen tool or convert an existing OpenSSH private key.
Requirements
- PuTTY SSH client for Microsoft Windows
- Remote server accessible over OpenSSH
Install PuTTY and PuTTYgen
Both PuTTY and PuTTYgen are required to convert OpenSSH keys and to connect to the server over SSH. These two tools can be downloaded individually or, preferably, as a Windows installer from the PuTTY Download Page.
Once the PuTTY Windows installer is downloaded, double-click the executable in the Download folder and follow the installation wizard. The default settings are suitable for most installations. Both PuTTY and PuTTYgen should now be accessible from the Windows Programs list.
Use Existing Public and Private Keys
If you have an existing OpenSSH public and private key, copy the id_rsa
key to your Windows desktop. This can be done by copying and pasting the contents of the file or using an SCP client such as PSCP which is supplied with the PuTTY install or FileZilla.
Next launch PuTTYgen from the Windows Programs list.
- Click
Conversions
from the PuTTY Key Generator menu and selectImport key
. - Navigate to the OpenSSH private key and click
Open
. - Under
Actions
/Save the generated key
, selectSave private key
. - Choose an optional passphrase to protect the private key.
- Save the private key to the desktop as
id_rsa.ppk
.
Linux Ssh Using Private Key
If the public key is already appended to the authorized_keys
file on the remote SSH server, then proceed to Connect to Server with Private Key.
Otherwise, proceed to Copy Public Key to Server.
Create New Public and Private Keys
Launch PuTTYgen from the Windows Programs list and proceed with the following steps.
- Under
Parameters
, increase theNumber of bits in a generated key:
to a minimum value of 2048. - Under
Actions
/Generate a public/private key pair
, clickGenerate
. - You will be instructed to move the mouse cursor around within the PuTTY Key Generator window as a randomizer to generate the private key.
- Once the key information appears, click
Save private key
underActions
/Save the generated key
. - Save the private key to the desktop as
id_rsa.ppk
. - The box under
Key
/Public key for pasting into OpenSSH authorized_keys file:
contains the public key.
Copy Public Key to Server
The OpenSSH public key is located in the box under Key
/ Public key for pasting info OpenSSH authorized_keys file:
. The public key begins with ssh-rsa followed by a string of characters.
- Highlight entire public key within the PuTTY Key Generator and copy the text.
- Launch PuTTY and log into the remote server with your existing user credentials.
Use your preferred text editor to create and/or open the
authorized_keys
file:Paste the public key into the
authorized_keys
file.Save the file and close the text editor.
Adjust the permissions of the
authorized_keys
file so that the file does not allow group writable permissions.Logout of the remote server.
Ssh Get Public Key From Private
Connect to Server with Private Key
Generate Public Key From Private Key Ssh
Now it is time to test SSH key authentication. The PuTTYgen tool can be closed and PuTTY launched again.
- Enter the remote server Host Name or IP address under
Session
. - Navigate to
Connection
>SSH
>Auth
. - Click
Browse...
underAuthentication parameters
/Private key file for authentication
. - Locate the
id_rsa.ppk
private key and clickOpen
. - Finally, click
Open
again to log into the remote server with key pair authentication.
Comments are closed.