Saturday, September 22, 2012

Using Windows PuTTY with SSH Keys

Well, I am embarrassed to say that it took me a bit of time to figure out how to log into a Unix system using PuTTY and SSH keys.

I could not find (or understand) this information easily in the PuTTY document site. I felt that this information is assumed to be known. So if you landed on this page, then you have the same issue as I had. Note that from Unix to Unix, the instructions are straight forward as to where you would store the keys and such. This is an article about the Windows PuTTY.

Based on my experimentation there are two ways that the SSH Key can be loaded. Once way is to specify the Private Key (I did not say Public Key) portion in the PuTTY configuration. I will explain this in a moment. And the second way is to use Pageant.EXE. The latter approach is the one I actually like better but both will work.

First, if you have never done this sort of things, then you are a bit out of luck as I am not going to explain how to use Puttygen to generate keys and where to find Pageant and the like. I can, however, give you one quick way to get those loaded is to install Tortoise Git on your windows.

Now, assuming that you got keys generated and stored them somewhere kind of safe (I put mine somewhere in my own Documents folder so only I can see it and not others on the network.)

Here are some key things you need to remember to do.
  • Start your PuTTY
  • Create a new profile, but most importantly you should set your user name in the [Host Name] field. For example, admin@192.168.1.10  Otherwise, your user name get prompted for and also the password too. This is more important if you are using Pagent to log-in.
  • If you are NOT using Pageant
    • Before you press that [Open] button, navigate to Connection: SSH: Auth node on the  Category panel.
    • You will find [Authentication Parameters] field. In there you specify the location of your Private Key.
    • Then you should go back to the Session node and save current configurations.
    • In this approach you will have to supply the password each time you connect, which kinds of defeat the purpose of using the keys.
  • If you are using Pagent, then the prime advantage of this is that once you give the password for the private key then from that point on you can log in to any SSH sessions that is associated with your key pair while its running without supplying it again.
    • Add your private key in Pageant. You can access Pagent from the notification tray section.
    • If it is not running, you will have to manually start it from the start menu where Pageant is stored.
    • (Note you may still have to do the Key Load part into the session as described in "If you are NOT using Pagent" but I did not have to. If I have to do that I will update this article.)
    • You do still need to load the key to Pageant each time you log into your Windows session.


No comments: