Gav...

Site News
Something goes here.
Testing
Something else
will go here.

SSH and Putty

How to use Putty, SSH + PKI to access your private area.

Download & Install Putty

Putty can be downloaded from http://www.chiark.greenend.org.uk/~sgtatham/putty/

Double-click on the downloaded Installer package to install Putty to a suitable location.
Once installed it will be easier to transfer files using PSFTP if the Putty directory is in your 'Path'

Putty comes with 'Puttygen' , 'Pageant' and ' PSFTP' amongst other things, we will be using all the ones just mentioned.

Create Public/Private Key pair with PuttyGen (Skip to Step 3 if you know how to do this)

Double-click on Puttygen to start the authentication keys creation process.
Ensure that 'Type of key to generate' has 'SSH RSA' checked.
Click on Generate and move the mouse around to create a random key.
Leave the Key comment on its default description or change it if you wish.
Enter a Key Passphrase which will protect your private key and confirm it.
Click on 'Save Public Key' and save it as 'yourapacheusername.pub'
Click on 'Save Private Key' and save it as 'yourapacheusername.ppk'

This next step is important, athough we have saved your 'Public Key' as 'yourusername.pub' we don't actually use this - but is saved for a scenario when you might need to. We now need to create an 'authorized_keys' file.

Copy the Public Key information in the top box and paste into notepad and save the file as 'authorized_keys' - note it must be called this and there must also be no extension to it so ensure notepad does not add one when you save it. Close Puttygen.

Upload public 'authorized_keys' file to your area of Apache Server using PSFTP.

Open a Dos Prompt box and navigate to the location where you stored your 'authoriized_keys' file.
Type in 'psftp people.apache.org'
A connection will be made to people.apache.org and will ask for your login username and then password.
(Once we have completed this tutorial you will no longer be asked this)
Create a new directory in your area called '.ssh'
Type in 'chmod 700 .ssh' - this ensures only you can then enter this directory.
Navigate into this directory with 'cd .ssh'
Upload your key file with the command 'put authorized_keys'
Type 'exit' to exit from your people.apache.org private area and from psftp itself.

Add Key to Pageant and run Pageant.

Probably the most overlooked but most important step for Windows users at least, we need to load a key into Pageant and we need to have Pageant running all the time in memory otherwise entering people.apache.org via Putty or PSFTP will not happen with our keys and usernames and passwords will once again be asked for, regardless of the work we have just done.

Open Pageant and click on 'Add' to add a new key, browse to your 'yourapacheusername.ppk' prvate key file and load this in.
Click on 'Close' to close this window, note Pageant is still running with an Icon in the system tray.

You should now be able to login without being asked for your username or password any more :)
Try it! - from the dos command box type in 'psftp people.apache.org' - you should log right in with no more to type!

Note: Whenever you Exit Pageant, or restart your computer, you will need to restart Pageant and Add your key in again - Pageant does not keep details of loaded keys after it has been exited from.

Configure Putty to log in using your keys.

Open up Putty.
Specify 'people.apache.org' as the Hostname.
Ensure SSH protocol radio button is checked.
Choose the 'Data' dub-category of 'Connection'
Fill in your Apache username for auto-login username.
Click on the SSH Category.
Ensure 'SSH 2 Only' radio button is checked.
Click on the 'Auth' sub-category of the SSH Category.
Ensure 'Attempt "Keyboard Interactive" auth (SSH 2)' checkbox is ticked.
Click the 'Browse' Button and locate and load your 'Private Key' you saved earlier as yourapacheusername.ppk.
Go back and click on the 'Session' Category and Save this session choosing a suitable name.

Good, all the details are now saved for future use, all you need do now is click on the 'Open' button to open a secure connection to the server and to log in automatically to your personal area of people.apache.org. You will still be asked for a password if this is the first time connecting to your area, after which you'll just go straight in.

Relevent Links

Apache Links

http://apache.org/dev/user-ssh.html

External Links

http://www.wipo.int/pct/edi/en/software/setup/putty-setup.html
http://www.cba.uni.edu/buscomm/ElectronicComm/PersonalUNIwebspace-1.htm
http://www.indiana.edu/~uitspubs/b017/


Valid CSS Valid XHTML 1.1 ©2006 Gavin McDonald