Configure SSH Public Keys with PuTTY


  • Use PuTTYgen to generate an SSH-2 RSA keypair

  • Save both the public and private keys to disk

  • Point PuTTY at the private key

Change Settings -> Connection -> SSH -> Auth
Be sure to save the default configuration afterwards.

  • To avoid typing your password every time, run Pageant

Without PuTTY configured correctly and Pageant running, your login will fall back to asking for a password. Pageant does not load keys automatically either; you add them explicitly on the command line, like so:

  c:\bin\pageant.exe c:\homedir\private.ppk

  • Configure the specific user's directory on the server: OpenSSH-style sshd

Note: tested OK on AIX 4.3+, HPUX 11+, and Linux (Redhat 7.1+, Fedora Core 1+)
Easy way:
  scp -r .ssh newserver:
Long way:
  mkdir ~/.ssh
  chmod 700 ~/.ssh
  vi ~/.ssh/authorized_keys
    copy and paste in the entire contents of the 
    "public key for pasting into OpenSSH authorized_keys file:" box
  chmod 600 ~/.ssh/authorized_keys
  test; if this does not work, especially on older servers, you may need to:
    mv ~/.ssh/authorized_keys ~/.ssh/authorized_keys2
    (which is deprecated but does seem to help for old sshd's)

  • Configure the specific user's directory on the server: ssh.com-style sshd

Note: tested OK on Tru64 v5.1+
Easy way:
  scp -r .ssh2 newserver:
Long way:
  mkdir ~/.ssh2
  chmod 700 ~/.ssh2
  vi ~/.ssh2/authorization
    copy and paste in the entire contents of the 
    "public key for pasting into OpenSSH authorized_keys file:" box
    add a line: "key pubkey.filename" as the second line
  chmod 600 ~/.ssh2/authorization
  test
Long way (v5.1b+):
  mkdir ~/.ssh2
  chmod 700 ~/.ssh2
  vi ~/.ssh2/authorization
    add a line: "key pubkey.filename" as the second line
  vi ~/.ssh2/pubkey.filename
    copy and paste in the entire contents of the 
    "public key for pasting into OpenSSH authorized_keys file:" box
  chmod 600 ~/.ssh2/authorization
  test

  • Proper permissions are necessary on the server directories and filenames. Incorrect permissions will cause no end of strange failures and non-working results.

  mode  file
  ============================
  0750  ~/   (0755 seems OK also.  *NOT* 77x or 777 :-) 
  0700  ~/.ssh
  0600  ~/.ssh/authorized_keys
  0600  ~/.ssh/authorized_keys2
  0700  ~/.ssh2
  0600  ~/.ssh2/authorization
  0600  ~/.ssh2/pubkey.filename
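
The permission table above, turned into a check you can run on the server when key login keeps falling back to a password. This is an added example, not part of the original how-to; the function names has_mode and check_ssh_perms and the FAIL output format are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit the modes from the table above.
# Function names and output format are illustrative, not part of any sshd.

# has_mode PATH MODE -> true if PATH's permission bits are exactly MODE
has_mode() {
    [ -n "$(find "$1" -prune -perm "$2" 2>/dev/null)" ]
}

# check_ssh_perms [HOME_DIR] -> prints each problem, returns 1 if any found
check_ssh_perms() {
    home=${1:-$HOME}
    bad=0

    # Home directory: 0750 or 0755 are fine; group- or world-writable is not.
    if [ -n "$(find "$home" -prune \( -perm -020 -o -perm -002 \))" ]; then
        echo "FAIL $home is group- or world-writable"
        bad=1
    fi

    # Entries that exist must match the table exactly; missing ones are skipped.
    # The ssh.com public key file name is site-specific, so it is not listed.
    for entry in 700:.ssh 600:.ssh/authorized_keys 600:.ssh/authorized_keys2 \
                 700:.ssh2 600:.ssh2/authorization; do
        want=${entry%%:*}
        target=$home/${entry#*:}
        [ -e "$target" ] || continue
        if ! has_mode "$target" "$want"; then
            echo "FAIL $target should be mode 0$want"
            bad=1
        fi
    done
    return $bad
}
```

Source the file and run check_ssh_perms with no argument to audit your own home directory, or pass another user's home directory as the first argument.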


date: 06/28/2005