User Tools

Site Tools


services:2fa:ssh:putty

Setup key based login from Putty

Before we can use key based login, we first need to create a private/public key set. This is done by the program PuTTYgen. Open this program:

and provide a passphrase before hiting the 'Generate'key. You will have to move your mouse around as this will help randomness in the creation of the key pair. It is strongly advised to provide a complex passphrase which is not your account password!, as this is the only way to secure illegal use of your key pair. Once the keys have been created you need to save each key in its own file.

Make sure to use sensible file names for the two key files. The private key is automatically appended with the .ppk extension, while the public key does not need an extension.

To make PuTTY aware of the private key, go to tab SSH / AUTH and use the Browse button to select the file in which you have previously saved the private key (usually extension .ppk).

Finally, we need to tell PuTTY to use a particular account name for accessing the public key (which we still need to upload). So go to tab Connection / DATA and fill in your STRW account name in the 'Auto-login username' box.

After all these changes, make sure to save the setting: go to Session and click the Save button.

We still need to copy the public key to the server. Use Wordpad to open your public key file and select the text part. In this case from 'AAA' to '=='. Use CTRL-C to copy.

Open the login session to the server (you still have to provide your password), then go to the .ssh directory and edit the authorized_keys file using an editor (e.g. vi) and paste in the copied text from the public file. Make sure the pasted text is one line! Perpend that line with ecdsa-sha2-nistp256 (the selected key type from puttygen) and save the file.

Once the authorized_key file is saved, you can login without typing your password/2fa code, you just have to provide the passphrase.

services/2fa/ssh/putty.txt · Last modified: 2021/03/26 15:31 by deul