SSH (Secure Shell) keys serve as an access credential which is used in SSH protocol. They give added security to SSH in the sense that a password need not be used when making use of SSH keys.
SSH key pair comprises of both a public key and private key, both of which are a long string of characters. The public key is saved in the server to which SSH connection is to be done and the private key is stored on the system from which SSH connection is requested.
To create SSH keys and further use them on Windows, the below utility tools are required.
**PuTTY can be installed using the MSI package file available from the PuTTY website.
Access the below link and download the
MSI (‘Windows Installer’) 64-bit package to the Windows server.
Double click on the downloaded MSI file to start the PuTTY installation wizard. Click on
Next after confirming the destination folder in which the application will be installed to. In the context of this guide, PuTTY is being installed in the folder
Install to start the installation process.
Finish to complete the PuTTY installation and exit the wizard.
**PuTTYgen utility will be installed along with PuTTY once its installation has been completed.
Click on the
Start menu, navigate to the folder
PuTTY (64-bit) and click on
The key generator utility will open up and will look similar as below. Values such as
Number of bits in the key can be modified, however, the default set values are suitable in almost all cases. Click on the
Generate button to generate the SSH key.
A prompt which reads “Please generate some randomness by moving the mouse over the blank area.” will be shown whereby the mouse pointer can be randomly moved over the area below the message, until the green bar fills up.
This randomness is termed as
entropy helps in creating irreproducible keys in a secure manner.
Once the key generation is completed, the public key will be displayed in the text box. This key can be copied/saved safely as this is the key that is to be copied to the Cloud servers for later use.
A passphrase for the SSH key can also be created, which helps in improving the security of the public/private key pair. This passphrase would need to be provided each time the SSH key is used.
Once the passphrase has been setup, click on
Save private key button in-order to save the private key in a secure location, with any name of choice. The private key will be saved with
The public key can also be saved, however, the format in which the public key is saved by PuTTYgen is incompatible with the OpenSSH
authorized_keys files used on Linux servers.
To view the public key in the compatible format again, the already saved private key can be loaded using the
Load option in PuTTYgen.
This generated public key-private key pair can now be used to access Linux OpenSSH server from the Windows machine using SSH key authentication.
**The below steps outlines the procedure of making use of the PuTTYgen generated public key-private key pair to access Linux server from Windows machine using SSH key authentication.
The first step in this would be to add the PuTTYgen generated public key to the SSH
authorized_keys file in the Linux server to which the connection is to be established.
a) Open the SSH
authorized_keys file by executing the below command.
# vi .ssh/authorized_keys
b) Append the PuTTYgen generated public key to the end of the file.
c) Save and close the file.
In the Windows server, open the PuTTY tool and under
Session option, specify the Linux server IP as well as any custom SSH port, if set. Make sure that SSH is set as the
Now expand the
SSH option in left panel under
Connection and select
Private key file for authentication: option and select the private key .ppk file that was saved earlier through PuTTYgen. Click on
Open once the private key has been selected.
The PuTTY session will open up, prompting to enter the login username and the passphrase key that was set up for the SSH key-pair in PuTTYgen. A prompt for entering the SSH root password will not be shown, thereby confirming that the SSH key authentication is working.