Just a little bit curious, why PuTTY use its own version of private key format to do SSH?
The author of PuTTY gives two main reasons for having the custom key format on this page.
In short:
PuTTY's format stores the public half of the key in plaintext, which allows PuTTY to send the public key to the server automatically.
The key is fully tamperproofed with the help of a Message Authentication Code.
Related
I already have an SSH key, it is I use it with GitHub, but they have provided me with another one to enter a server on AWS, a RedHat 7.
It was actually a .ppk to use with PuTTY, but with the generator I converted it to an SSH key.
I have added it and it worked correctly, the problem is that every time I want to use it I have to add it again, and I don't know why I forgot it.
Thank you very much.
I have to add it again
It depends by what you mean by "add it".
If it is ssh-agent add, you only need to do that when the private key is passphrase protected.
if it is "adding to the remote server ~/.ssh/authorized_keys", you only need to do that once, with the public key associated to/derived from the private key.
I have downloaded Sourcetree lately which comes with puttygen, plink and pageant.
I have set up an SSH public and private key, with a non-empty passphrase.
I was prompted for this passphrase when I added the private key to the Pageant key list. However, when I restart my machine and re-open Sourcetree I am re-prompted for this passphrase.
1). Should Pageant or Sourcetree be saving this passphrase, so I am not prompted every time I wish to use Sourcetree?
2). If so, how?
Pageant keeps decrypted key in memory only. It does not save the passphrase or the decrypted key anywhere.
Saving the passphrase would be almost as insecure as saving the key unencrypted. While it would be a solution for you, it's really not recommendable!
Quote from Security considerations section of Pageant documentation:
Using Pageant for public-key authentication gives you the convenience of being able to open multiple SSH sessions without having to type a passphrase every time, but also gives you the security benefit of never storing a decrypted private key on disk. Many people feel this is a good compromise between security and convenience.
It is a compromise, however. Holding your decrypted private keys in Pageant is better than storing them in easy-to-find disk files, but still less secure than not storing them anywhere at all.
I am trying to connect to EC2 server using putty with the help of .pem. It is giving me an error:
Disconnected: No supported authentication methods available (server sent: public key)
I have created a .ppk through puttygen. Still facing the same problem.
Can any one help me with the solution.
This usually means that there was a problem with how the pem file was converted to a ppk file, or that the pem file was not the right one to begin with. Make sure you followed the instructions for using puttygen correctly. There is an example here: Convert PEM to PPK file format
Alternatively, use a windows ssh client that uses pem files directly. Two options are:
Cygwin - it includes an ssh command line client.
Poderosa
U need a private key to connect to the server, the key U have probably is a public key, so U need to generate a private key in puttygen.
Perhaps, you use Ubuntu AMI. Should be user name - ubuntu.
Link: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html#TroubleshootingInstancesConnectingPuTTY
For those searching, I had this issue but the latest authentication method was not supported by the old version of Putty. Upgrading Putty allowed me to connect.
I downloaded the latest Putty from the official website of Putty; then it required to uninstall, so I backed up by finding the key in the registry for:
HKEY_CURRENT_USER > Software > SimonTatham
By clicking on that entry and choosing File > Export and saved to desktop, this contains all the data and settings for Putty should something go wrong during uninstall.
Now with Putty backed up, you can uninstall Putty (CCleaner is a good option), and when it asks if you want to remove the sessions click NO, otherwise it will wipe the data, but fortunately you have the data backed up to the registry by this point.
Finally, now you can install the latest version of Putty. The latest version of Putty has the necessary authentication methods that AWS uses.
I am trying to connect to a SFTP server for a client of ours and send files in an automated process using MS windows. The details I have received from the client do not include the password. I instead have the public-private key pair using PuTTY.
The typical connection string used is as follows:
open sftp://username:password.SFTPURL:port -hostkey="ssh-dss 1024 XXXXXXX"
I do not however understand how to specify the private key in this connection instead of the password. how do I tell the script where the private key lies and is there a particular key word to use when connecting using public key?
I am new at this so please bear with me.
Thanks!
How would I go about doing this on the terminal?
sftp then asks me for a password. how do I include my DSA key so that I do not have to use the password?
As sftp uses SSH protocol for communication, you may generate private/public key pair using ssh-keygen (read everything their!). Then read this HOWTO about how to transfer your key to remote server. If you need more, read more detailed description of OpenSSH Public Key Authentication.
If you setup your key correctly, and remove SSH server is configured to use key authentication, you will be granted the access without additional password.
If you have ssh-agent running, holding the key to the site, it will handle authentication for you.