This tip explains how to configure my two favorite Windows SSH clients (PuTTY and SSH Secure Shell 3.2.9) for key based authentication.
A little background. The server that I’m connecting to is OpenBSD using OpenSSH. These same instructions will also work fine using a Linux server running OpenSSH.
First up - PuTTY:
The two files you will need from http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html are putty.exe and puttygen.exe
On the server execute the following commands:
# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
There should be two files inside this directory: id_rsa and id_rsa.pub
Now copy the public key (id_rsa.pub) to the new file (authorized_keys)
#cp id_rsa.pub authorized_keys
Now transfer the id_rsa file from the Server to your local Windows computer (use SFTP or FTP or whatever method you want). I typically transfer the file to the desktop.
Once the id_rsa file is transferred to your computer we need to convert the OpenSSH private key to a format PuTTY can understand.
- Execute puttygen.exe
Select File -> Load private key
Change Files of type from .ppk to All files .*
Select your id_rsa file and the key will be loaded.
Select the button Save private key. Save the key as id_rsa.ppk
Now start putty.exe
Click Session on the left side bar. Enter the IP address of your server and make sure SSH is the protocol.
In the left bar select SSH. For Preferred SSH protocol version select 2 only.
In the left bar under SSH select Auth. Click Browse and locate the id_rsa.ppk file created earlier.
In the left bar select Session again. Under Saved Sessions give the session a name and hit Save.
Click Open. Login with your username and you should authenticate with your key.
Next up is my favorite SSH Client for Windows. SSH Secure Shell. The version that is available for free can be a little difficult to dig up. You can download it from my server here: SSH Secure Shell 3.2.9
First if you haven’t already connected to the server using standard password authentication do this first.
Once you are connected choose Edit -> Settings.
In the left pane under User Authentication choose Keys. Click the Generate New button.
In the Key Generation screen click Next. Accept the defaults and click Next. Once Key generation has completed click Next.
Name the file id_rsa and click Next.
Click yes at the empty passphrase prompt.
Click the Upload Public Key button.
Under Destination folder change this from .ssh2 to .ssh and click Upload. Then click Finish and Ok.
Now we need to convert the public key we uploaded to the OpenSSH format.
On the server issue the following commands. First cd to the .ssh directory:
Now import and append the key to the authorized_keys file:
#ssh-keygen -i -f id_rsa.pub >> authorized_keys
Now click Quick Connect and input the server information. For Authentication Method use: Public Key.
You should now be using key based authentication under SSH Secure Shell 3.2.9.