Key-Based SSH Logins With PuTTY

Want to support HowtoForge? Become a subscriber!
 
Submitted by falko (Contact Author) (Forums) on Wed, 2006-12-06 22:55. :: Security

Key-Based SSH Logins With PuTTY

Version 1.0
Author: Falko Timme <ft [at] falkotimme [dot] com>
Last edited 12/05/2006

This guide describes how to generate and use a private/public key pair to log in to a remote system with SSH using PuTTY. PuTTY is an SSH client that is available for Windows and Linux (although it is more common on Windows systems). Using key-based SSH logins, you can disable the normal username/password login procedure which means that only people with a valid private/public key pair can log in. That way, there is no way for brute-force attacks to be successful, so your system is more secure.

I do not issue any guarantee that this will work for you!

 

1 Preliminary Note

In this tutorial I use a Windows desktop to connect to a Linux SSH server (Debian Sarge, IP address: 192.168.0.100).

 

2 Install PuTTY, PuTTYgen, And Pageant On The Windows System

First we need to install PuTTY, PuTTYgen, and Pageant on our Windows system. All we need to do is download the exectuable files (.exe) and save them somewhere, e.g. on the desktop. We don't need to install them as they are standalone applications. To start them, we only need to double-click them.

Download the following files from the PuTTY download page and save them on your Windows system, e.g. on the desktop:

http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe

http://the.earth.li/~sgtatham/putty/latest/x86/puttygen.exe

http://the.earth.li/~sgtatham/putty/latest/x86/pageant.exe

 

3 Create A Profile With Settings For Our 192.168.0.100 Server

In PuTTY, you can create profiles for connections to your various SSH servers, so you don't have to type in the settings again when you want to connect to a certain server again.

Let's create a profile for our 192.168.0.100 server. Start PuTTY by double-clicking its executable file. You are now in the category Session (see the tree on the left side of the screenshot). Enter 192.168.0.100 under Host Name (or IP address), enter 22 under Port and select SSH under Protocol:

Then go to Connection -> Data and specify the username with that you want to log in to your SSH server under Auto-login username. In this article I use root:

Then go to Session again. Under Saved Sessions enter a name for the profile, e.g. 192.168.0.100 or any other string that lets you remember for which server the profile is. Then click on Save:

The next time you use PuTTY, you can simply select the appropriate profile from the Saved Sessions textarea, click on Load and then Open.


Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.
Submitted by Brian (not registered) on Tue, 2013-07-23 19:58.
Thanks for explaining the whole process! I had stumbled through the key generation but couldn't figure out how to get the public key to the server in the right spot. I've bookmarked this page for future reference, because at my new job I've got a lot of servers to ssh to.
Submitted by DizzyBum (not registered) on Mon, 2013-02-25 17:18.
Thanks for this article!  I use Putty non-stop at work and this is going to cut out a lot of the time I spend copying and pasting long passwords.  Very clear and simple instructions.
Submitted by dcb (not registered) on Thu, 2012-08-16 10:13.

This is well explained thank you. Putty does it's job well, but there are few instructions around that explain how to use it. The messages from failed login attempts rarely give any clues about how PuTTY should be set up. Many thanks for taking the time to document these settings and explain them so clearly. It is much appreciated.

David.

Submitted by FalconsMaze (not registered) on Sat, 2010-06-19 19:43.

Thank you for the detailed screen shots and hand holding.  I was able to set this up in five minutes.  On other blogs there are a lot of steps omitted or :"your just suppose to know that setup."

Awesome job!