SSH access via PuTTY. Public/private key pair authentication


Lots of web hosting services offer SSH access. Most popular windows SSH client is PuTTY (http://www.chiark.greenend.org.uk/~sgtatham/putty/). If you however have many different web hosting providers, or more than one accounts, it becomes hard to remember so many usernames/passwords. Here we'll provide a way to login to all your accounts on all hosting providers using the same password (or no password) and in the same time not having to change all SSH passwords or saving them to your computer.

Public/private key authentication

The method we use is SSH authentication with public/private key pair. You can find out more about public/private keys here. In our case we'll just generate such pair, keeping the private key to yourself. The public key will be put as a trusted key on all your SSH accounts. Then we'll setup PuTTY client to use private key for authentication for all web hosting services.

Generating key pair

Download and install PuTTYgen from http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html if you don't have it yet. Set "Type of key to generate" to the SSH protocol your hosting service provides (usually you won't have to change it at all). Press "Generate" button and move the mouse to create unique key.

PuTTYgen options

Now that the key is ready you should decide whether or not to use a passphrase. If you choose to have a passphrase, you'll be prompted for it every time you login. Skipping the passphrase however is less secure. Then use "Save public key" to save the public key to a file, for example bobi_key.pub. Save the private key to bobi_key.pkk.

Generated keys

Keep those two files somewhere and do NOT give your private key (*.pkk) to anyone.

Setting up SSH

Use a text editor, ftp or something else to add the public key to authorized keys of each account. Tha file that contains them is ~/.ssh/authorized_keys. If you don't find directory .ssh or such file in it under your home directory just create them. Copy/paste the content of bobi_key.pub to ~/.ssh/authorized_keys (it should be one row like this
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAoGYNZIORXmHJaqhRWDzxGZaTUhxh8tlcBlm8bLIpKBb5fU6N6lwdzBi9qubRakzbgQUq9fCaO2J13pKVHhZbreJRPV+UcJnNHV7rsAxoI89hXeRVmjw75mLs/vq1T0XvDI8Gfyx/5J97nAlSJaW0k7K5qxoxlwG0ta94aRzrzVE= rsa-key-20071103.
Do this on the remaining accounts.

Setting up PuTTY

First create a new session for this host, for example myhosting.tld.

PuTTY sessin setup

In Connection->Data set up Auto-login username to your username (let's say bobi).

PuTTY user setup

In Connection->SSH->Auth set Private key file for authentication to your .pkk file (bobi_key.pkk).

PuTTY key setup

Save the new session and try it. If you have a passphrase you'll be prompted for it. If not - you should login just with a double click - no username and password are required.
Related articles:

Using ssh keys to setup automated secure backup exchange between two servers
Configuring static IP and DHCP on Windows
How to protect and restrict access to a web directory using Apache web server

 

Comments:

mat (10-03-2012 13:14) :
thanks

Back to articles list

This page was last modified on 2024-04-26 10:03:53