Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Distribution: SuSE Linux Open/Enterprise, Red Hat, Ubuntu
public/private key authentication with PuTTY
Since finding out about the automated scripts for SSH logins I decided i wanted to only allow only one user/computer to login remotely. I've successfully run a test configuration with a linux client-computer using the ssh-keygen and all and i was able to access the server with the generated public and private keys.
I'm having trouble doing the same with PuTTY. I dont know how to generate keys with PuTTy. I am using Windows and it obviously does not have the SSH daemon.
With PuTTY use the puttygen.exe program to generate a new public/private key pair. The authorized_keys compatible line will be shown in the window. You will have to copy/paste this into a text file which you will have to append to the authorized_keys file on the server. The private key can be saved in it's .ppk file (which looks similar to an ssh private key but which didn't work properly if memory serves). You then set PuTTY to use the .ppk file as the private key and if the server has the public key appended then you should be able to connect fine. plink.exe is a better program to use if you wish to drive PuTTY from the command line or a batch file as it's command line syntax is richer. If I'm not mistaken then the -i option is used to specify a file to use when authenticating.
Not in itself however if you restrict yourself to public/private key authentication then it's (to my knowledge) impossible to login to an account without an authorized_keys file. They will just reject any key.