This guide shows how to setup Putty or MSysGit to use public and private key pairs on Windows to login securely on a Linux Server.
Why? Taken from Ubuntu community doc. If your SSH server is visible over the Internet, you should use public key authentication instead of passwords if at all possible. If you don’t think it’s important, try logging all of the malicious login attempts you get for the next week. My computer – a perfectly ordinary desktop PC – had over 4,000 attempts to guess my password and almost 2,500 break-in attempts in the last week alone. How many thousand random guesses do you think it will take before an attacker stumbles across your password?
With public key authentication, every computer has a public and a private “key” (a large number with particular mathematical properties). The private key is kept on the computer you log in from, while the public key is stored on the .ssh/authorized_keys file on all the computers you want to log in to. When you log in to a computer, the SSH server uses the public key to “lock” messages in a way that can only be “unlocked” by your private key – this means that even the most resourceful attacker can’t snoop on, or interfere with, your session. As an extra security measure, most SSH programs store the private key in a passphrase-protected format, so that if your computer is stolen or broken in to, you should have enough time to disable your old public key before they break the passphrase and start using your key. Wikipedia has a more detailed explanation of how keys work.
Configure OpenSSH on Linux Server:
To enable OpenSSH you have to edit the sshd_config on your server to accept version 2 public key only.
Add or modify the following lines:
Protocol 2
# Authentication(NO ROOT LOGIN!):
LoginGraceTime 120
PermitRootLogin no
StrictModes yes
# Use public keys and where keys are stored
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
IgnoreUserKnownHosts yes
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
Save your sshd_config, but wait to load your new settings before you have created your ssh keys and be sure to have a fall-back plan if something should go wrong.
Generate OpenSSH private and public key pair(Server-side):
Login on the server as the user you want to use and generate a pair of private and public keys on the Linux side. Here it is seen for the user “user”
Execute `ssh-keygen -t rsa` to generate a version 2 public and private key pair into directory /home/user/.ssh.
Output:
Enter file in which to save the key (/home/user/.ssh/id_rsa)
Created directory '(/home/user/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
a1:0a:6f:5b:8d:2f:e9:b0:34:28:f5:d1:a7:4b:f3:18 user@hostname
The key's randomart image is:
+--[ RSA 2048]----+
| . + Eo=. |
| . = . *.+.|
| + o + o..|
| = + + |
| S = o . |
| . + o |
| + . |
| |
| |
+-----------------+
Next add the newly created key to a file called “authorized_keys” in your .ssh directory:
cat id_rsa.pub >> authorized_keys
And final and very important. Copy the private key id_rsa to your windows machine. I recommend using winSCP a very handy program.
http://winscp.net/eng/download.php
Using MSysGit to login with SSH keys:
The only thing you have to do to get it working in MSysGit is to add a new directory in your home called .ssh where you place the private key id_rsa downloaded from the server. You are now ready to login. If it doesn’t work, check to see that MSysGit looks for the key in your home/.ssh.
Next: Using Putty to login with SSH keys:
Posted in 
Tags: 
« 
![Apple iPhone 4S Battery Drain Is Starting To Become A Serious Issue [iOs 5]](http://www.mmncs.com/wp-content/plugins/special-recent-posts/lib/phpimage.php?width=100&height=100&rotation=no&file=L3Vzci9zaGFyZS9uZ2lueC93d3cvbW1uY3MuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy9hcHBsZS1pcGhvbmUtNHMtcHJlLW9yZGVycy1yZWNvcmQtbGV2ZWwuanBn)
![The Best Programming Contest Ever Made – The AI Challenge Ants 2011 [Developer]](http://www.mmncs.com/wp-content/plugins/special-recent-posts/lib/phpimage.php?width=100&height=100&rotation=no&file=L3Vzci9zaGFyZS9uZ2lueC93d3cvbW1uY3MuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy90aGUtYWktY2hhbGxlbmdlLWFudHMtcHJvZ3JhbW1pbmctY29udGVzdC5qcGc=)
![Take A Picture Of Any Website [WordPress Screenshot Demo]](http://www.mmncs.com/wp-content/plugins/special-recent-posts/lib/phpimage.php?width=100&height=100&rotation=no&file=L3Vzci9zaGFyZS9uZ2lueC93d3cvbW1uY3MuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy90YWtlLWNvb2wtc2NyZWVuc2hvdC1waWN0dXJlLXBpeC1jb25jZXB0LWRpZ2l0YWwtY2FtZXJhLmpwZw==)
![Optimize Your Time And Write Better CSS With {less} – [CSS Stylesheets]](http://www.mmncs.com/wp-content/plugins/special-recent-posts/lib/phpimage.php?width=100&height=100&rotation=no&file=L3Vzci9zaGFyZS9uZ2lueC93d3cvbW1uY3MuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy93cml0ZS1iZXR0ZXItY3NzLXdpdGgtbGVzcy1vcHRpbWl6ZS1hbmQtcmV1c2UucG5n)
![Call Your Friends For Free – Cut The Expensive Voice And Text Plans To The Bare Minimum [Mobile Apps]](http://www.mmncs.com/wp-content/plugins/special-recent-posts/lib/phpimage.php?width=100&height=100&rotation=no&file=L3Vzci9zaGFyZS9uZ2lueC93d3cvbW1uY3MuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy92aWJlci1mcmVlLWlwaG9uZS1hbmRyb2lkLW1vYmlsZS1hcHAtdG8tY2FsbC13aWZpLnBuZw==)
![Solved: Facebook XFBML Like Button Bug Creates a Vertical Scroll-Bar [Web Developer]](http://www.mmncs.com/wp-content/plugins/special-recent-posts/lib/phpimage.php?width=100&height=100&rotation=no&file=L3Vzci9zaGFyZS9uZ2lueC93d3cvbW1uY3MuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy9mYWNlYm9vay1saWtlLWJ1dHRvbi1idWctc29sdmVkLWZpeGVkLXZlcnRpY2FsLXNjcm9sbC1iYXItdGlwcy10cmlja3MtbGlmZWhhY2suanBn)
![Add a Cool Google Plus Profile Add to Circles Widget to Your Website [Google Plus]](http://www.mmncs.com/wp-content/plugins/special-recent-posts/lib/phpimage.php?width=100&height=100&rotation=no&file=L3Vzci9zaGFyZS9uZ2lueC93d3cvbW1uY3MuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy9nb29nbGUtcGx1cy1pbnZpdGVzLWNpcmNsZXMtYWRkLWV4cG9ydC1hbGwteW91ci1mYWNlYm9vay1mcmllbmRzLXRvLWdvb2dsZS1wbHVzLWNocm9tZS1leHRlbnNpb24tZmFjZWJvb2stZnJpZW5kLWV4cG9ydGVyMS1lMTMxMjYxODQ3NDcyNC5wbmc=)
![How To Export All Your Facebook Friends To Google+ Using Yahoo Mail [Google+]](http://www.mmncs.com/wp-content/plugins/special-recent-posts/lib/phpimage.php?width=100&height=100&rotation=no&file=L3Vzci9zaGFyZS9uZ2lueC93d3cvbW1uY3MuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy95YWhvby1leHBvcnQtYWxsLXlvdXItZmFjZWJvb2stZnJpZW5kcy10by15YWhvby1hbmQtdGhlbi1nbWFpbC1nb29nbGUtcGx1cy1jb25uZWN0LWltcG9ydC1zaGFyZS1lMTMxMjgzODQ5MTc1OS5qcGc=)
![Add a Simple Google Translate DropDown Box To Your Web Site [Tips & Tricks]](http://www.mmncs.com/wp-content/plugins/special-recent-posts/lib/phpimage.php?width=100&height=100&rotation=no&file=L3Vzci9zaGFyZS9uZ2lueC93d3cvbW1uY3MuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy9nb29nbGUtdHJhbnNsYXRlLXRpcC1ub3RyYW5zbGF0ZS1ibG9nZ2Vycy13ZWItZGV2ZWxvcGVyLXRpcHMtdHJpY2tzMS5qcGc=)
![Google Closes Down 10 Mayor Business Areas [Tech News]](http://www.mmncs.com/wp-content/plugins/special-recent-posts/lib/phpimage.php?width=100&height=100&rotation=no&file=L3Vzci9zaGFyZS9uZ2lueC93d3cvbW1uY3MuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy9nb29nbGUtd2ViLW5ld3MtdGVjaG5vbG9neS10aXBzLXRyaWNrcy1saWZlaGFjay10aGVuZXh0d2ViLmpwZw==)
My partner and I really enjoyed reading this blog post, I was just itching to know do you trade featured posts? I am always trying to find someone to make trades with and merely thought I would ask.
What a post!! Very informative and easy to understand. Looking for more such posts!! Do you have a myspace?