Setting up key authentication on SSH

Preparation

All you really need is to decide what kind of key you are generating:

  • DSA
  • RSA

For differences, read this thread. If you don't care, just use RSA.

Generating keys

Puttygen (Win)

Download Puttygen at this site.

  1. For parameters, choose the applicable type of key you're generating.
  2. Click Generate, then move the mouse around the empty space in the "Key" box (under the progress bar).
  3. Change comment to whatever you'd like (for example, belminf@home)
  4. You may optionally enter a "Key passphrase". If you do enter one, you will be prompted for the passphrase when you log in to the remote box.
  5. Save public key (for example: belminf@home.pub)
  6. Finally, save private key (for example: belminf@home.ppk).

Note: You should copy the formatted public key at the top of the window where it says "Public key for pasting into OpenSSH authorized_keys file". It will make things easier when you do the configuration on the server.

OpenSSH (Linux)

  1. Type in the following to generate the key: ssh-keygen -t rsa
  2. The first prompt should ask you where to save your key.
  3. The next prompt will ask you for a passphrase. You may leave this empty. If you choose to use a passphrase, you will be prompted for it at login, so you must remember it.
  4. Finally, you're given the location of the public key and "identification" (which we will refer to as private key from here on).

Set up on SSH client

So now you have a private key and a public key. Time to set up your clients to offer up the private key to the SSH server.

PuTTY (Win)

  1. Open PuTTY and enter a few settings:
    • Under session screen > enter Hostname and Port of the server
    • Under Connection:Data > enter your user name for 'Auto-login username'
    • Under Connection:SSH > select '2 only' for Protocol Options.
    • Under Connection:SSH:Auth > in the bottom of the window, browse and select your private key file.
  2. Go back to the Session section, type in a name under "Saved Session" for this connection, and then press Save.

To test out the setup, load the session and click "Open" to connect to the server and you should see something like the following:

Using username "belminf".
Server refused our key
belminf@home.iambelmin.com's password:

This is good because we see that the server is receiving the key. It is being rejected because we have yet to enter it in the server's authorized_keys file.

OpenSSH client (Linux)

The key is generated in the right place so you're all set.

Set up on SSH server

Copy the public key to ~/.ssh/authorized_keys and make sure it's locked (chmod go-rwx ~/.ssh/authorized_keys).
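
The server-side step above as a script (an added example, not part of the original page): it appends the key instead of overwriting the file, rejects a private key or PuTTYgen's multi-line "Save public key" file, and then applies the page's chmod. The function name install_pubkey and the extra chmod 700 on ~/.ssh are assumptions of this example.

```shell
#!/bin/sh
# Added example: install_pubkey is a hypothetical helper, not a standard tool.
# Usage: install_pubkey PUBKEY_FILE [HOME_DIR]   (HOME_DIR defaults to $HOME)
install_pubkey() {
    pub=$1
    home=${2:-$HOME}
    auth="$home/.ssh/authorized_keys"

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # The private key (.ppk or OpenSSH "identification") never goes on the server.
    if grep -qE 'PRIVATE KEY|^PuTTY-User-Key-File' "$pub"; then
        echo "$pub looks like a private key; refusing" >&2
        return 2
    fi

    # PuTTYgen's "Save public key" file is a multi-line SSH2 block, not the
    # one-line form from the "Public key for pasting into OpenSSH
    # authorized_keys file" box.
    if grep -q 'BEGIN SSH2 PUBLIC KEY' "$pub"; then
        echo "$pub is in SSH2 format; paste the one-line OpenSSH form" >&2
        return 3
    fi

    # Exactly one "<type> <base64> [comment]" line; RSA and DSA only, as on this page.
    pat='^(ssh-rsa|ssh-dss) [A-Za-z0-9+/=]+( .*)?$'
    n=$(grep -cE "$pat" "$pub" || true)
    [ "$n" -eq 1 ] || { echo "$pub: expected one public key line" >&2; return 4; }
    key=$(grep -E "$pat" "$pub")

    # Assumption beyond the page: ~/.ssh itself is also closed to group/other.
    mkdir -p "$home/.ssh"
    chmod 700 "$home/.ssh"
    touch "$auth"

    # Append rather than overwrite, and skip a key that is already present.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"

    # The lock-down command from the page.
    chmod go-rwx "$auth"
}

# Run directly: sh install_pubkey.sh belminf@home.pub
if [ "$#" -gt 0 ]; then install_pubkey "$@"; fi
```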