Install basic programs/packages
- Obtain the PuTTY package (not just the executable) and install it.
- Optionally obtain the programs WinSCP and mRemote, and install them.
Generate a Key pair
If you haven’t created a key pair yet, and you want to do it from the comfort of your Windows desktop, you can use “PuTTY Key Generator” which was installed as part of the “PuTTY package“:- Open “PuTTY Key Generator” by going into “Start” -> “PuTTY” -> “PuTTYgen”
- While not required, it is recommended that you change the length of your key from the default 1024. Change the number of “bits” at the bottom from “1024″ to “4096″.
- Click “Generate” and move your mouse around randomly until the bar reaches 100%. This “salts“ your key, so try to make your mouse movements as random as possible.
- Once the program is done generating the key,
- On the “Key Comment” line, change it to be something more useful like your name. For example:
- While not required, it is highly recommended that you set a passphrase on the private key. This will protect your private key in case some one gains access to it and you will only be bothered with entering once at machine boot up, if you perform all the steps in the guide.
- Click on “Save private key”.
Note: If you already have a saved private key, you can “extract” the public portion by “load”ing it with the generator.
Configuring the Key-quartermaster
The “Pageant” program that was installed as part of the PuTTY package, can store your key/s and give them to mRemote, WinSCP and PuTTY as required.
This configuration is optional, but doing it will allow you once you’ve SSHed into a machine to continue and SSH from it, to the next machine, with the same key. To do this:- Open ”Pageant” from the start menu. (Note: it may run off to the system tray)
- If it has run off to the system tray, double click it, to bring up the main window.
- Click “Add Key” and give it your saved Key Pair.
- If need be, provide the passphrase.
Loading Keys automatically at startup (Optional)
The process above needs to be repeated after every machine reboot, as Pageant doesn’t save loaded key configurations. To have it load the configuration automatically at startup, you can use one of the two methods below:- Assuming you’ve allowed Pageant to take over the ppk suffix, you should be able to simply add the key files to the Windows “startup” folder.
- Create a shortcut to the program that passes the key-files as parameters. For example, the “Target” command for two(2) keys would look like:
“C:\Program Files (x86)\PuTTY\pageant.exe” “C:\Users\AviadR\Documents\aviad’s 4096.ppk” ”C:\Users\AviadR\Documents\aviad’s 1024.ppk
- Then, add this shortcut to window’s startup.
Enable SSH Agent forwarding (PuTTY/mRemote)
- Open PuTTY.
- Under “Connection” -> “SSH” -> “Auth”.
- Check the “Allow agent forwarding”.
- Go back to “Session”
- Select the “Default Settings” entry.
- Click on “Save”.
- Done.
Enable SSH Agent forwarding (WinSCP)
- In a WinSCP new connection tab, Enable the Advance options checkbox.
- Go to the “SSH” -> “Authentication”.
- Check the “Allow agent forwarding” checkbox.
- Go to the “General Options” by clicking on “Preferences” -> “Preferences”.
- Enable Putty to be invoked with the forwarding option by going into “Integration” -> “Application” and appending the “-A” CLI option.
- You can now make this the template for subsequent connections by going back to “Session” and typing in, the basic information that you know will be uniform across all connections (if any), like Username, IP, Etc’. Then “save” the session.
Author’s Notes
While purists, will say that any serious SSHing, should be done from a Linux machine, the reality is that Ubuntu’s bug #1 ”Microsoft has a majority desktop market share”, still holds true. maybe one day we’ll move to the Linux desktop completely, but that day will not be today and not for the 35 year old shell.
0 comments:
Post a Comment