Image by kaneda99.
Overview
In this guide we’ll explain how to SSH to a Linux machine from Windows with your public key, using Putty & Winscp. In addition, we will enable the forwarding option. This will allow you to continue to jump from the machine you’ve connected to with your key, to another machine that supports SSHing with keys. We will not go into how to put your public key on the Linux machine, as we have already covered this topic.
Install basic programs/packages
Obtain the PuTTY package (not just the executable) and install it. Optionally obtain the programs WinSCP and mRemote, and install them.
This configuration is optional, but doing it will allow you once you’ve SSHed into a machine to continue and SSH from it, to the next machine, with the same key. To do this:
Open “PuTTY Key Generator” by going into “Start” -> “PuTTY” -> “PuTTYgen” While not required, it is recommended that you change the length of your key from the default 1024. Change the number of “bits” at the bottom from “1024” to “4096”. Click “Generate” and move your mouse around randomly until the bar reaches 100%. This “salts” your key, so try to make your mouse movements as random as possible. Once the program is done generating the key, On the “Key Comment” line, change it to be something more useful like your name. For example: While not required, it is highly recommended that you set a passphrase on the private key. This will protect your private key in case some one gains access to it and you will only be bothered with entering once at machine boot up, if you perform all the steps in the guide. Click on “Save private key”.
Configuring the Key-quartermaster
Open “Pageant” from the start menu. (Note: it may run off to the system tray) If it has run off to the system tray, double click it, to bring up the main window. Click “Add Key” and give it your saved Key Pair. If need be, provide the passphrase.
Done, from now on, Putty, WinSCP and any program that serves as a fronted for them (like mRemote) will first consult with the Pageant program if there is a key to use for the connection.
Loading Keys automatically at startup (Optional)
The process above needs to be repeated after every machine reboot, as Pageant doesn’t save loaded key configurations. To have it load the configuration automatically at startup, you can use one of the two methods below:
Assuming you’ve allowed Pageant to take over the ppk suffix, you should be able to simply add the key files to the Windows “startup” folder. Create a shortcut to the program that passes the key-files as parameters. For example, the “Target” command for two(2) keys would look like: “C:\Program Files (x86)\PuTTY\pageant. exe” “C:\Users\AviadR\Documents\aviad’s 4096. ppk” “C:\Users\AviadR\Documents\aviad’s 1024. ppk
Then, add this shortcut to window’s startup.
RELATED: What is SSH Agent Forwarding and How Do You Use It?
Enable SSH Agent forwarding (PuTTY/mRemote)
Open PuTTY. Under “Connection” -> “SSH” -> “Auth”. Check the “Allow agent forwarding“. Go back to “Session” Select the “Default Settings” entry. Click on “Save”. Done.
Enable SSH Agent forwarding (WinSCP)
Note: for more on this topic, please read our guide on SSH agent forwarding.
Spike: So i guess i served my time and i’m free to go? SoundWave: Free to go, to Cybertron…
