This article will take you through generating RSA keys using PuTTYgen on Windows for secure SSH authentication with OpenSSH.
One effective way of securing SSH access to your Cloud Server is to use a public/private key. This means that a 'public' key is placed on the server and the 'private' key is on our local workstation. This makes it impossible for someone to log in using just a password, provided you have setup SSH to deny password-based authentication (which you can learn how to do in this article about SSH).
In Windows we will use PuTTYgen to generate our public and private keys. You can download PuTTYgen from its official website (it might also have been installed with PuTTY or WinSCP). Launch the program then click the Generate button, as seen below. You will notice that it generates the keys for you. All you need to do now is save the public and private keys by clicking the buttons stating as such.
Open up your public key, copy it to the clipboard (ctrl+a, ctrl+c) and paste it at the very end of ~/.ssh/authorized_keys on your Cloud Server. If that file doesn't already exist, you will have to create it (nano ~/.ssh/authorized_keys).
To make use of your newly generated RSA key pair, you will need to tell PuTTY to use it when connecting to your Cloud Server. Do this by opening PuTTY and going to the "SSH" -> "Auth" section. Browse to where you saved the keys and load the private key as seen below:
Make PuTTY use the key every time you connect to your Cloud Server by saving this configuration. After loading your key as shown above, go back to "Session" and save your session:
Once you have saved your session, your key will be loaded automatically upon connecting to your Cloud Server.
Opting for a key-based authentication to your SSH server is beneficial in many ways. By eliminating the possibility of SSH brute-force attacks targeted towards your Cloud Server, the chances of it being compromised are decreased by an order of magnitude.
© 2011-2013 Rackspace US, Inc.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License