SSH / Putty Key Based Authentication Login

Instructions on restricting ssh login to key-based (ie not by password) and generating the keys necessary for the log-in.  This was done with putty running in Windows, and OpenSSH running on Debian.

Generate Keys with Putty

  • Run puttygen.exe
  • Choose either ssh2-rsa or ssh2-dsa
  • Increase key size to 2048 (because we can)
  • Click “Generate”
  • Add a comment such “Desktop”
  • Add a passphrase
  • Save the private key
  • Save the public key

Configure Putty to use private key

  • Modify the profile that you would liek to use key authentication
  • Go to SSH->Auth
  • Under “Private key file . . .”, select the private key generated above

Configure sshd to accept private key

  • Login to the target machine with the target username
  • go to ~/.ssh
  • Modify / create authorized_keys
  • Copy and paste the public key saved above into the authorized_keys file.
  • Make sure that you do not introduce any extra characters (like line returns) in the key

Test

  • Test the set-up by logging in with putty.
  • When you connect with putty, putty should ask you the passphrase to the private key, but you should not have to type in the password for the user on the target machine
  • If it doesn’t work, figure it out!

Server-side modification

  • Make sure you did the test, and you can log-in with the key based authentication.
  • Modify /etc/ssh/sshd_config:
PermitRootLogin no
PasswordAuthentication no
  • Restart sshd
/etc/init.d/ssh restart

Voila.

Advertisements
This entry was posted in Computer, Tips. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s