понеделник, 31 май 2010 г.

How to Set Up PuTTY SSH Keys

1. Start up PuTTYgen.exe. The defaults of SSH-2 RSA and 1024 bit key should be fine.

2. Click Generate to make the key (moving mouse randomly over blank area).

3. Fill in the comment (me at example.com). Enter a passphrase. A passphrase is more secure, but you'll be prompted for it on every access (unless you use keychain or others).

4. Use PuTTYGen's button to save the public key on your PC (ex. c:\putty\keys\me-at-example.txt).

5. Use button to save the private key. You must use .ppk extension (ex. c:\putty\keys\me-at-example.ppk).

6. Copy the public key from the PuTTYGen text box and place it in ~/.ssh/authorized_keys2. This authorized key file must have 600 permissions. Paste it all in one line.

7. Attach the private key to the PuTTY profile by going to Connection -> SSH -> Auth in PuTTY. Use the Browse button to navigate to the .ppk private key you just made.

8. Enter your username into the PuTTY connection at Connection -> Login Details.

9. Save your PuTTY connection. Now you can open that PuTTY connection and be logged directly into the computer (you must supply a passphrase if you used one).

Details on this procedure can be found here :

If you need to troubleshoot the connection, you can use PuTTY's plink.exe with the -v option to see what's going on :

C:\putty>plink -v -i keys\me-at-example-pvt.ppk me@
Looking up host ""
Connecting to port 22
Server version: SSH-2.0-OpenSSH_3.9p1
We claim version: SSH-2.0-PuTTY_Release_0.60
Using SSH protocol version 2
Doing Diffie-Hellman group exchange
Doing Diffie-Hellman key exchange with hash SHA-1
Host key fingerprint is:
ssh-rsa 1024 f1:df:5b:8d:56:d8:73:90:5c:fe:b2:a8:16:f1:30:d7
Initialised AES-256 CBC client->server encryption
Initialised HMAC-SHA1 client->server MAC algorithm
Initialised AES-256 CBC server->client encryption
Initialised HMAC-SHA1 server->client MAC algorithm
Reading private key file "keys\me-at-example-pvt.ppk"
Using username "me".
Offered public key
Offer of public key accepted
Authenticating with public key "me-at-example-2009-06-15"
Access granted
Opened channel for session
Allocated pty (ospeed 38400bps, ispeed 38400bps)
Started a shell/command