The guide will familiarise you with steps to connect to a cloud server using SSH keys on a computer that runs on windows 10 (using PuTTY).
SSH is an encrypted connection protocol that allows secure sign-ins over an unsecured network. The protocol handles authentication through a combination of public keys and private keys. These keys build trust between the client and the server while eliminating the need of a password during authentication.
In addition, you can protect your underground information from getting into the wrong hands by adding a passphrase to the private key which enhances the level of security.
It is essential to know that the PuTTYSSH client for Microsoft Windows 10 does not share the same key format as OpenSSH client. Therefore, it is necessary to either generate a new public or private key using PuTTYgen tool or convert an already existing OpenSSH private key to connect to the server.
- PuTTY SSH Client for Microsoft Windows
- Remote server accessible over OpenSSH
STEP1: Install PuTTY and PuTTYgen
To create and use SSH keys on Windows, you need to download and install both- PuTTY – to connect to the remote server through SSH and PuTTYgen – to create SSH keys in the first place. Both are required to convert OpenSSH keys and connect to the server over SSH.
To download these two tools, you have a choice – either download them individually or, preferably, as a Windows Installer from the PuTTY Download Page.
Once you have successfully downloaded the PuTTY Window Installer, double-click the executable in the Download folder and follow the installation process. Set settings to default.
STEP2: Use existing Public and Private Keys
If you use existing public or private keys, copy the “id_rsa” key to your Windows desktop. This can either be done by,
- Copying and pasting the contents of the file or
- Using a SCP client such as PSCP, which helps to transfer file securely between computer using SSH. PSCP is provided with the PuTTY install or FileZilla.
Follow the steps to connect to the server;
- Launch PuTTYgen from Windows Programs List.
- Click “Conversions” from the PuTTY key Generator Menu and select “Import key”.
- Navigate to the Open SSH private key and click on “Open”.
- Under“Actions”you will see an option “Save the generated key”, click on “Save private key”.
- To secure the private key, select an “Optional” passphrase.
- Save the private key to the desktop as “ppk”.
If the public key is already attached to the “authorized_keys” file on the remote SSH server, then proceed to “Connect to Server with Private Key”.
Otherwise, proceed to “Copy Public Key to Server”.
STEP3: Generate New Public and Private Keys
Follow the steps after launching PuTTYgen from the Windows Programs List:
- Under “Parameters” section, increase the “Number of bits in a generated key:” to a minimum value of 2048.
- Below “Actions”section, click on “Generate”.
- To generate the private key, you will be instructed to move the cursor around within the PuTTY Key Generator window.
- Once the important information appears, click “Save private key” under “Actions” section.
- Save the private key to the desktop as “ppk”.
- The Public Key is set in the box under “Public key for pasting into OpenSSH authorized_keys file:”.
STEP4: Copy Public Key to server
- To locate the OpenSSH public key, select “Key > Key Public key for pasting into OpenSSH authorized_keys file”. The public key begins with SSH RSA key pairing followed by a string of characters.
- Highlight the entire public key within the PuTTY Key Generator and copy the highlighted text.
- Launch PuTTY and login to the remote server with your existing username and password.
- Use your preferred text editor to create and/or open the “authorized_keys” file.
- Paste the public key into the “authorized_keys” file.
- Save the file and close the text editor.
- Adjust the permission of the “authorized_keys” file so that the file does not allow group written permissions.
- Log out of the remote server.
STEP5: Connect to server with Private Key
These steps will test your SSH key authentication and connect you to the server. Close the PuTTYgen tool and launch PuTTY again.
- Type the remote server Host Name or IP address under “Session”.
- Navigate to “Connection > SSH > Auth”.
- Click on “..”.
- Locate the “ppk” private key. Click “Open”.
- Lastly, to log in to the remote server with key pair authentication, click on “Open” again to connect.
The first time you try to connect to a server, you will see a security alert popup on your desktop. This popup appears because you haven’t previously connected to this server. So, just click on “OK” and proceed.
However, if you see any security alert or warning in future after already having connected to the server once, probability is your administrator has changed the keys or someone is trying to connect you to a malicious SSH server.