?
Solved

Coming from Linux openssh keygen, where do I put the keys in puTTY?

Posted on 2014-11-16
6
Medium Priority
?
231 Views
Last Modified: 2014-11-17
I have done this before, but so long ago, and cannot recall the gory details. The following is what I remember. However,  the key is refused by puTTY. Tell me where I am going wrong.

On Ubuntu linux under root, I am creating the keypair using: <ssh-keygen -t rsa>.  While in ssh-keygen, I chose ~/.ssh as the location. Then, I made the permission for the .id_rsa private key as: <chmod 700 id_rsa>.  I see the two keys in my .ssh directory.

Still in Ubuntu, I created an authorized_keys file in .ssh with: <touch authorized_keys>. Then I copied the .pub file into authorized_keys with: <cat id_rsa.pub >> authorized_keys.

I do not know what the permissions should be for the key files and the authorized_key file. I am not sure where the authorized_keys file goes.

I am certain that the private key id_rsa remains in the .ssh folder under the user (~/.ssh/id_rsa).

Finally, I am assuming that I should ftp the .pub key to my Windows 7 machine, somehow puTTY will use that file to put the key into a local Windows file named: c:\putty\ privatekeys.pkk.

Someone please tell me where I am going wrong. Thanks in advance.
0
Comment
Question by:RayRider
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 22

Expert Comment

by:mcsween
ID: 40445888
I could post the step by step instructions here but this link gives a detailed tutorial how to set this up.  Like the tutorial, I always generate my keys using puTTYgen from the Windows side then paste my authorized_keys into a text file via ssh terminal.

You will create the keys, copy the public key to ~/.ssh/authorized_keys on the SSH server with 700 permissions, put the private key on the client computer (win 7) and enter it in putty under Connection\SSH\Auth 'Private Key File for Authentiacation'

http://www.ualberta.ca/CNS/RESEARCH/LinuxClusters/pka-putty.html
0
 

Author Comment

by:RayRider
ID: 40445896
Additional comment: In Windows puTTY, I can find NO procedure to use the remote Linux's public key. I see a puTTY key generator that apparently creates the key pair and places the private key into the the file: c:\putty\privatekeys.pkk.

No provisions are made for Windows puTTY to use the remote "public key". At least, that I can determine. I thought the idea was to pass around the public key to the remote host. Apparently, I cannot pass the public key into puTTY, but must go the other way with the Windows puTTY public key being generated by puTTY and transferred to the Linux box. And, I am guessing the "authorized_keys" file in the ~/.ssh directory is where that puTTY public key should go.
0
 

Author Comment

by:RayRider
ID: 40445903
Mcsween:

You were commenting and I was posting additional comment at the same time. Thanks for your link and advice. It appears I had just a few minutes ago figured out what you just told me. Let me give that a try and I will comment back. Thanks
0
WatchGuard's M Series Appliances - Miecom Approved

WatchGuard's newest M series appliances were put to the test by Miercom.  We had great results and outperformed all of our competitors in both stateless and stateful traffic throghput scenarios! Ready to see how your UTM appliance stacked up? Download the Miercom Report!

 
LVL 22

Accepted Solution

by:
mcsween earned 2000 total points
ID: 40446168
Just in case, to comment on your update.

The public key goes on the SSH server, the private key goes in putty (see screenshot)
Enter your username to connect with (see other screenshot)
Once you've entered the settings under Auth and Data go back to the Session section and enter the hostname/IP Address, give the session a name and click Save.  Next time you can just double click on it in the list.

Authentication Steps:
puTTY will connect to the ssh server
SSHD asks puTTY for a username
If you entered a username on the data section puTTY sends the username, otherwise user enters it
puTTY will then attempt to authenticate with pre-entered private key.  If you have a password on this key (you should) then you will be prompted for it.
SSHD compares the private key to it's public key for that user (~./ssh/authorized_keys) and grants or denys access.
If the keys don't match puTTY then prompts your for your password to the SSH server
If they match then bash or whatever shell you are using launches
Capture.PNG
capture1.png
0
 

Author Comment

by:RayRider
ID: 40446535
mcsween:

I got it to work finally. I would not follow the instructions in puTTY!!!  Instead of copying the public key at the top window into Windows clipboard as the job aid told me to do, I was clicking on the "save public key" button, and sending that file to the Ubuntu server to be inserted into the authorized_keys file. I have not checked to see what is different. But, once I pasted the screen to notepad and saved it, then ftp'ed the file to the Ubuntu server, the keys are now recognized.

Next, I wish to follow your last procedure to see if that works as well. That is more like the procedure I remembered where the key pairs were generated on Unbuntu and then copied to puTTY on Windows. I just had the keys backward, thinking the private key stayed with the Ubuntu box and the public key went to the Windows machine.

I am closing out and giving you the points. Thanks again!
0
 
LVL 22

Expert Comment

by:mcsween
ID: 40447368
An easy way to remember is the server shares it's key with anyone trying to log on as you which would make it public.  The key you have is used to authenticate is private like your password.

Glad you got it working!
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses
Course of the Month9 days, 11 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question