Linux Exercise: PuTTy

This exercise assumes you have a Windows workstation, and lets you logon from that Windows workstation to a remote Linux system. It doesn't matter whether the remote Linux system is running locally on your workstation inside a virtualization solution (VMWare, VirtualBox or something else), or in a datacenter or in the cloud.

Starting PuTTy

  1. Start PuTTy and logon to the remote system.
    • From your Start menu, locate and start PuTTy.
    • PuTTy opens in the Configuration display. In the Host Name field, type the hostname or IP address of the remote system. Then click on Open.
    • Type your username and password when prompted. You have now logged into the remote system.
  2. Close your PuTTy session.

PuTTy Profiles

  1. Start PuTTy again. In your configuration screen, create a profile for the remote system. Make sure that the following information is part of the profile: Hostname or IP address, session background color, username. Save the profile.
    • From your Start menu, locate and start PuTTy.
    • PuTTy again opens in the Configuration display. Configure the items listed as follows:
      • In the Session section, configure the Hostname or IP address.
      • In the Window; Colours section, adjust the Default Background to, for instance, green.
      • In the Connection; Data section, configure your Auto-login Username.
    • Go back to the Session section, type a profile name in the Saved Sessions box, then click on Save. You now have a saved profile, which you can load in the future by selecting the profile and clicking on Load.
  2. Test your profile.
    • Stop PuTTy, then start PuTTy again. It will again come up with the Configuration screen. Select the profile and click Load, then Open. PuTTy should now only ask for your password and open the session for you. The session should have the selected background color.
  3. Stop PuTTy again.

PuTTy Host Keys (optional)

  1. From your Start menu, start a Command Prompt. Use this to start the Windows Registry Editor (regedit.exe). Within the Registry Editor, navigate to HKEY_CURRENT_USER\SoftWare\SimonTatham\PuTTY\SshHostKeys. Do you see the host keys for all the systems you connected to earlier? Delete the host key for the system you're using in this exercise.
  2. Start PuTTy again and use the profile you created earlier to connect to the system again. Do you now get a question about an unknown host key? Accept this key, then look in your Windows Registry again. Was the key stored?

Generating and uploading User Keys

  1. From the Start menu, locate and start PuTTYgen. Use PuTTYgen to generate a private/public keypair. Give the key a strong password, then save the private key on your Desktop. Do not close PuTTYgen just yet.
    • Click on Generate to generate a keypair. Move your mouse back and forth over the blank area to generate randomness.
    • Once the key is generated, type a strong password/passphrase in the Key passphrase field. For confirmation, type the key in the Confirm passphrase field again. Click on Save private key to save the key to your Desktop. Give it a meaningful name.
  2. Upload your public key to the remote Linux system, and add it to the file ~/.ssh/authorized_keys. Make sure the permissions of the file are set correctly.
    • In PuTTYgen, select the text in the "Public key for pasting..." box. Make sure that you select ALL text, beginning with the ssh-rsa identifier, and ending with rsa-<date>. Use Ctrl-C to copy the key to the Clipboard.
    • Switch over to your PuTTy session.
    • Create the directory .ssh and give it the right permissions.
      $ mkdir .ssh
      $ chmod 700 .ssh
    • Start vi on the file .ssh/authorized_keys. Put vi in insert mode with the "i" key. Then click your right mouse button in PuTTy. This will paste the contents of the clipboard into the PuTTy session, which ensures the public key ends up in the file. Check that the whole public key is now pasted as one line in the file. The result should look like this:

      Save the file.
    • Make sure the file has the right permissions too.
      $ chmod 600 .ssh/authorized_keys
  3. Close your PuTTy session.
  4. Open PuTTy again. Modify the Profile you've been using so that it uses your newly created private key, which is stored on your Desktop. Save the profile. Now use the profile to open an SSH session. What happens?
      • The SSH private key to use is configured in Connection; SSH; Auth. Click on Browse to select your private key.
      • When you open the session, PuTTy should ask for the password/passphrase associated with the private key. Once you typed that in, the session should connect.

Using the Pageant SSH Agent

  1. In your Start menu, locate the Pageant program and start it. Note that nothing will seem to happen when you start Pageant: It is a background service that nests itself in your System Tray:
  2. Add the private key to Pageant.
      • Click on the Pageant icon in your System Tray. The Pageant interface now opens.
      • Click on Add Key. Select the private key from your Desktop. Enter the password/passphrase when prompted.
      • Pageant should now show your private key loaded.

        Click Close to close the Pageant interface.
  3. Start PuTTy again, load the profile and click on Open. Are you prompted for a password or not? You should not be prompted for a password. If you still are, here are a few things to check:
    1. Your PuTTy profile should point to the right private key (in Configuration: Connection; SSH; Auth)
    2. Your PuTTy profile should have the right auto-logon username (in Configuration: Connection; Data)
    3. Pageant should be running and have the key loaded.
    4. The directory .ssh on the server should have permissions rwx------ (700).
    5. The file .ssh/authorized_keys should have permissions rw------- (600) and should look like the following: 
      ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAnFmz+/kNvywZX7puR+DYHTJhKanPPFBYjB7ykEPEEQq6lzR5ZbhLjfgeas20kUIlfDJ6OelFENv3BUvV+HY36A4x2s8Tcs4+OUMbx766O62g7WTrYtFEbGZhf3JP6BVM503+asEeyXdhaTWLJoc7SeffuFv0++5zKRX4fRhtwsphvEDOO8ddqj6fvC6YBeKnqx1wWZUrMQNMLWMkub+alY8UHcbPo/qBWf/Uij3lFyd0w12keDKm+kX0FhSnNyQmggPBy36LLVS0DrHTZXyeiDhovJtTKRE3vxdxekx0hwNC4zZfCekUueMo0hJUIP7I5Uy3Bhg/+6A5Jr8ZcDEXJw== rsa-key-20171121
      Note that every key is a single line consisting of three columns.
End of exercise