Disclaimer: Yes you can generate keys and all of this from linux. This is the windoze method to the madness.

So now you’re using Putty like a champ, no GUI needed. However, now you are sending your passwords to login (probably). I personally prefer to use public/private key authentication.

You can generate these keys in windows using PuttyGen (part of the putty suite). Select “SSH-2 RSA” enter the desired key bit length (I suggest 4096+)and click generate. Now it will ask you to move the mouse a bit, or for a very long time depending on how fast your CPU is.

You want to be sure to protect the private key with a strong passphrase and click “Save private key”. Save it to a safe place and make sure you have a backup, keys are important blah blah blah.

Don’t bother with save public key because it will be in a format you can’t use in the authorized_keys file. Instead, simply select all of the stuff in the top box and copy it.

Now SSH into the system where you plan to use this key (with your password for the last time, shed a tear, and pour one out for all the passwords you lost in da street).

Create a folder in your home directory named “.ssh” and vi .ssh/authorized_keys and paste your public key. (Don’t use nano cause this my guide and I said use vi. jk… kinda) After you save the file, you should chmod the .ssh dir to 700 and the authorized_keys file to 600. This may not be required to work, depending on what distro you are using and sshd config settings (strict mode).

mkdir .ssh
vi .ssh/authorized_keys (paste and save)
chmod 700 .ssh
chmod 600 .ssh/authorized_keys

Now you can test logging in with your private key. Maybe keep the existing session open, just in case something wasn’t done right.

There is a section in putty to set a private key, and if you do this for the “default settings” session it will attempt to use that key if no other session is loaded.

Oh btw, see that checkbox next to “Allow agent forwarding”? That means that if you SSH from inside your Putty session it will attempt to use your private key to authenticate to that session as well. Cause yo dog I heard you like incepSSHon.

This works well if you use the same key for most of your connection and you will be prompted for the key passphrase when connecting. You can also pass the path to the private key at the command line or run box using the -i argument.

ssh -i “D:\pathtokeys\username.ppk” username@servernameORip

Next we will cover Pageant and why it is so awesome. (another tool in the putty suite)