Skip to content

Linux Server Setting Up SSH Key Login In Windows Client

Linux Server Setting Up SSH Key Login In Windows Client

In this tutorial, I will be going through how to manually set up a SSH Key Login for your Linux servers. The commands for this tutorial will be based on CentOS 7, but can be easily applied to other distributions.

There will be three parts to this tutorial :

  1. Generating your SSH Key (Public & Private Key) with puttygen
  2. Setting up SSH Key Login on your Linux server
  3. Logging in using SSH Key with putty

If you already have a public & private key, you may skip over to part 2 of the tutorial.

Generating your SSH Key with puttygen
  1. Ensure you have putty installed (puttygen comes along with it). Otherwise, download here
  2. After you have installed it, run puttygen.exe and a window as shown below will appear

    puttygen-homepage-window
    puttygen-homepage-window
  3. Click on the ‘generate’ button as shown below

    puttygen-step1-window
    puttygen-step1-window
  4. Move your cursor within the blank area of the window as instructed in the program

    puttygen-step2-window
    puttygen-step2-window
  5. After you finished moving your mouse, you will be shown this screen

    puttygen-step2-window1
    puttygen-step2-window1
  6. Enter your password

    puttygen-step3-window
    puttygen-step3-window
  7. Save or export your public and private key to a secure folder.
    puttygen-step4-window
    puttygen-step4-window
    1. If you ever need to see your keys again, you can load the file into putty to see it.
    2. YOUR PRIVATE KEY MUST BE KEPT A SECRET AT ALL COSTS !
  8. Copy your public key (right click the textarea -> select all -> ctrl+c)

    puttygen-step5-window
    puttygen-step5-window
Setting up SSH Key Login on your Linux server
    1. SSH into your Linux with putty (its recommended not to use root, but another user)
    2. Create a SSH folder if it does not exist yet
      1. Create SSH directory : mkdir ~/.ssh
      2. Create authorized_keys file : touch ~/.ssh/authorized_keys
      3. Change ssh folder permissions : chmod 0700 ~/.ssh
      4. Change authorized_keys file permission : chmod 0644 ~/.ssh/authorized_keys
    3. Create an entry in authorized_keys file
      1.  Edit authorized_keys file : vi ~/.ssh/authorized_keys
      2. Press the INSERT key to swap to edit mode (previously read-only)
      3. Right click anywhere in your putty window and it should paste the public key you copied earlier
      4. Save the file by entering the following
        1. Press ESC key
        2. Type ‘:wq’ (without quotes)
        3. Press ENTER key
    4. Now we should disable normal password based authentication
      1. Edit /etc/ssh/sshd_config : vi /etc/ssh/sshd_config
            1. Scroll down till you see the following line
              PasswordAuthentication Yes
            2. Press the INSERT key to enable editing mode
            3. Change the ‘Yes’ to ‘No’, so it should ultimately look like the image shown below

              puttygen-disable_password_authentication-1
              puttygen-disable_password_authentication-1
            4. Save the file by entering the following
              1. Press ESC key
              2. Type ‘:wq’ (without quotes)
              3. Press ENTER key
          1. Restart your SSH service : service sshd restart
Logging in using SSH Key with putty
  1. Open up putty.exe
  2. Fill in your hostname and port

    putty-sshlogin-step1
    putty-sshlogin-step1
  3. Browse to Auth section / configuration

    putty-sshlogin-step2
    putty-sshlogin-step2
  4. Load your private key

    putty-sshlogin-step3
    putty-sshlogin-step3
  5. Go back to Session section and open the connection

    putty-sshlogin-step4
    putty-sshlogin-step4
  6. Enter whoever you wish to login

    putty-sshlogin-step5
    putty-sshlogin-step5
  7. Enter your password

    putty-sshlogin-step6
    putty-sshlogin-step6
  8. Congratulations, you are logged in ! (assuming your passphrase was right)
CONCLUSION

Using SSH Key as your authentication method is more secure, as it is a double-layer authentication (your private key, and your password/passphrase). It is not that hard to setup, and once you familiarized yourself with it, it becomes second nature to do so.

Enjoyed the content ? Share it with your friends !
Published inWeb Server

Be First to Comment

Leave a Reply

Your email address will not be published.