Table of Contents

Introduction

SSH can handle authentication using a traditional username and password combination or by using a public and private key pair. The SSH key pair establishes trust between the client and server, thereby removing the need for a password during authentication. While not required, the SSH private key can be encrypted with a passphrase for added security.

• Cd.ssh Ssh-keygen Doing this with the default values will create a public and private key. The private key will be idrsa and the public key will be idrsa.pub. The next thing you should do is add your private key to your Windows security context.
• Create the.ssh directory. The first thing you'll want to do is create a.ssh directory on your client.

The PuTTY SSH client for Microsoft Windows does not share the same key format as the OpenSSH client. Therefore, it is necessary to create a new SSH public and private key using the PuTTYgen tool or convert an existing OpenSSH private key.

Requirements

Ssh Install Public Key Ubuntu

• PuTTY SSH client for Microsoft Windows
• Remote server accessible over OpenSSH

Install PuTTY and PuTTYgen

Both PuTTY and PuTTYgen are required to convert OpenSSH keys and to connect to the server over SSH. These two tools can be downloaded individually or, preferably, as a Windows installer from the PuTTY Download Page.

Creating a key pair (public key and private key) only takes a minute. The key files are usually stored in the /.ssh directory. Copy the key to a server. Once an SSH key has been created, the ssh-copy-id command can be used to install it as an authorized key on the server. Once the key has been authorized for SSH, it grants access to the server.

Once the PuTTY Windows installer is downloaded, double-click the executable in the Download folder and follow the installation wizard. The default settings are suitable for most installations. Both PuTTY and PuTTYgen should now be accessible from the Windows Programs list.

Use Existing Public and Private Keys

If you have an existing OpenSSH public and private key, copy the id_rsa key to your Windows desktop. This can be done by copying and pasting the contents of the file or using an SCP client such as PSCP which is supplied with the PuTTY install or FileZilla.

Next launch PuTTYgen from the Windows Programs list.

1. Click Conversions from the PuTTY Key Generator menu and select Import key.
2. Navigate to the OpenSSH private key and click Open.
3. Under Actions / Save the generated key, select Save private key.
4. Choose an optional passphrase to protect the private key.
5. Save the private key to the desktop as id_rsa.ppk.

If the public key is already appended to the authorized_keys file on the remote SSH server, then proceed to Connect to Server with Private Key.

Otherwise, proceed to Copy Public Key to Server.

Create New Public and Private Keys

Launch PuTTYgen from the Windows Programs list and proceed with the following steps.

1. Under Parameters, increase the Number of bits in a generated key: to a minimum value of 2048.
2. Under Actions / Generate a public/private key pair, click Generate.
3. You will be instructed to move the mouse cursor around within the PuTTY Key Generator window as a randomizer to generate the private key.
4. Once the key information appears, click Save private key under Actions / Save the generated key.
5. Save the private key to the desktop as id_rsa.ppk.
6. The box under Key / Public key for pasting into OpenSSH authorized_keys file: contains the public key.

Copy Public Key to Server

The OpenSSH public key is located in the box under Key / Public key for pasting info OpenSSH authorized_keys file:. The public key begins with ssh-rsa followed by a string of characters.

1. Highlight entire public key within the PuTTY Key Generator and copy the text.
2. Launch PuTTY and log into the remote server with your existing user credentials.

3. Use your preferred text editor to create and/or open the authorized_keys file:

4. Paste the public key into the authorized_keys file.

5. Save the file and close the text editor.

6. Adjust the permissions of the authorized_keys file so that the file does not allow group writable permissions.

7. Logout of the remote server.

Connect to Server with Private Key

Now it is time to test SSH key authentication. The PuTTYgen tool can be closed and PuTTY launched again.

1. Enter the remote server Host Name or IP address under Session.
2. Navigate to Connection > SSH > Auth.
3. Click Browse... under Authentication parameters / Private key file for authentication.
4. Locate the id_rsa.ppk private key and click Open.
5. Finally, click Open again to log into the remote server with key pair authentication.

Public key authentication allows you to access a server via SSH without password. Here are two methods to copy the public ssh key to the server.

I believe you understand the basic SSH concept. Your Linux server has ssh enabled. You have generated ssh keys on your personal computer. Now you want to upload your public key to the authorized keys of the server so that you can access it without typing your account password all the time.

This quick tutorial shows you two methods to add a public SSH key to the server.

Requirements

Before you see that, let’s be clear about what you should already have:

• Your destination server should have ssh enabled
• You should have generated public and private ssh keys (just use the command ssh-keygen -t rsa)
• You should have a user account and password on the server. Even root account will do.
• You should know the IP address of the server

Now that you have made sure of the above three requirements, let’s see how to use public key authentication.

The authentication is per user base so the public key goes in the intended user’s home.

Method 1: Automatically copy the ssh key to server

The first method is where the end user copies its personal computer’s public key to the list of the authorized keys on the remote server.

Here, I assume that you were able to log in to the remote server using ssh user_name@ip_of_server. It asks for your account’s password and you enter the server.

If you add your public key to the server, you should be able to log in without typing the password all the time.

OpenSSH provides a handy tool call called ssh-copy-id for copying ssh public keys to remote systems. It even creates required directories and files.

Install Ssh Public Key Linux

As I mentioned earlier, you should know the username and password to the server you want to access via public key authentication.

When prompted, enter the password for your user account at the remote server. Your public key should be copied at the appropriate folder on the remote server automatically.

I have used ~/.ssh/id_rsa.pub because that is the default location for the public ssh key. If you have it at some other location, you should use that in the above command.

Method 2: Manually copy the public ssh key to the server

The first method had the action on the user side. Let’s say that you are the sysadmin and your server doesn’t allow SSH login via password. The only way to access the server is using SSH public key authentication.

In such a case, you can ask the end user to provide her/his public key. Now what you can do is to create .ssh/authorized_keys directory and then copy the public key here.

Let me show the steps.

Step 1: Get the public key

Ask the end user to provide the public key by typing the following command:

Ssh Add Public Key Windows

It will show a long random string starting with ssh-rsa:

You can get this text via email or messaging tools. Normally, it shouldn’t be a problem.

Step 2: Create ssh directory in the user’s home directory (as a sysadmin)

Keep in mind that you have to create these new directories and files in the end user’s home directory, not your own (root/sysadmin).

Now open this /home/user_name/.ssh/authorized_keys file with a text editor like Vim and add the public key of the user here:

Save and close the file. It’s almost ready.

Step 3: Set appropriate permission to the file

Having appropriate file permission on the ssh file is very important otherwise you’ll see errors like Permission denied (publickey).

First, make sure to set the correct file permissions:

You created those file with either root or your own admin accounts for some other user. You need to change the ownership to the user:

Now that it’s done, you can ask the end user to log in to the server.

Install Ssh Public Key Ubuntu

Do let me know if you face any issues or if you have any suggestion on this topic.

Become a Member for FREE

Join the conversation.