The motivation for using public key authentication for ssh-Login over simple passwords is security. Public key authentication provides cryptographic strength that even extremely long passwords cannot.
What Is puTTYgen?
puTTYgen is a tool for creating new authentication key pairs for SSH. Such key pairs are used for automating logins, single sign-on, and for authenticating hosts.
Creating an SSH Key Pair for User Authentication
- Run PUTTYGEN.EXE
- Make sure the key type is SSH-2 RSA (this is the most secure of the options)
- Click Generate
- Move your mouse in the key field (the utility will use the math associated with your mouse movements to generate a “random” key). Keep moving until the utility tells you to stop.
- Enter a Key Passphrase and Confirm it in the utility
- Save the private key locally.
Here’s an example:
Copying the Public Key to the Server
To use public key authentication, the public key must be copied to a server and installed in an authorized_keys file.
Login as the user who wants to use the public key authentication and create a directory in the users home, call “.ssh”.
Open a file, named “authorized_keys” in this directory:
mkdir .ssh
Chmod 700 .ssh
nano ~/.ssh/authorized_keys
Paste the text from the public key generated with puTTYgen above into this file and save the file.
Changes the permissions on the file so group access is not allowed
chmod 600 ~/.ssh/authorized_keys
How To Use Putty with an SSH Private Key Generated by OpenSSH
Now you can start Putty, enter the machine IP address as usual and then go to Connection->SSH->Auth.
Click Browse, and select your just created private key file (e.g. id_rsa_putty.ppk), go back to Session and save the session.