Create passwordless login with SSH keys and PUTTY  Print this Article

Benefits of passwordless login with SSH keys

If VPS/Dedicated server is visible over the Internet, you should use public key authentication instead of passwords, if at all possible. This is because SSH keys provide a more secure way of logging in compared to using a password alone. While a password can eventually be cracked with a brute-force attack, SSH keys are nearly impossible to decipher by brute force alone. With public key authentication, every computer has (i) a public and (ii) a private "key" (two mathematically-linked algorithms that are effectively impossible to crack).

Setup SSH Keys on your Windows computer/laptop using PuttyGEN


Step 1

Download PuttyGEN from the maintainer's website.
Scroll down until you find puttygen.exe and download either 32 or 64bit version.

Step 2

Start PuttyGEN by double clicking on its icon

Step 3

From top menu, click on "Key" and select "SSH-2 RSA" and in the bottom right box change the number 2048 to 4096

Step 4

Click "Generate" button

Step 5

Move your mouse pointer around in the blank area of the Key section, below the progress bar (to generate some randomness) until the progress bar is full

Step 6

Click the "Save public key" button & choose whatever filename you'd like (some users create a folder in their computer named my_keys)

Step 7

Click the "Save private key" button & choose whatever filename you'd like

NOTE! Both public and private files will have to stay on your computer, do not delete them.


Step 8

Right-click in the text field labeled Public key for pasting into OpenSSH authorized_keys file and choose Select All, right-click again and choose Copy

Step 9

Login to your VPS or Dedicated server

Step 10

Run the following commands:
mkdir ~/.ssh
chmod 0700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 0644 ~/.ssh/authorized_keys

Step 11

Paste the SSH public key which you copied in step 8 into your ~/.ssh/authorized_keys file

Lets setup Putty on your windows computer/laptop


Step 1

Start PuTTY by double-clicking its executable file

Step 2

PuTTY's initial window is the Session Category (navigate PuTTY's various categories, along the left-hand side of the window)

Step 3

In the Host Name field, enter the IP address of your VPS or its fully qualified domain name (FQDN)

Step 4

Enter the port number in the Port field (for added security, consider changing your server's SSH port to a non-standard port.

Step 5

Along the left-hand side of the window, select the Data sub-category, under Connection

Step 6

Specify the username that you plan on using, when logging in to the SSH server, and whose profile you're saving, in the Auto-login username field

Step 7

Expand the SSH sub-category, under Connection

Step 8

Highlight the Auth sub-category and click the Browse button, on the right-hand side of the PuTTY window

Step 9

Browse your file system and select your previously-created private key

Step 10

Return to the Session Category and enter a name for this profile in the Saved Sessions field, e.g. user@123.456.78.9 or user@host.yourdomain.tld

Step 11

Click the Save button

Now you can go ahead and log in to your server and you will not be prompted for a password.

Finally let's disable username/password login on your vps/dedicated server


Step 1

Open /etc/ssh/sshd_config

Step 1

Lets change both "PasswordAuthentication" and "UsePAM" options to "no"
[...]
PasswordAuthentication no
[...]
UsePAM no
[...]

Step 2

Restart your SSH server
service sshd restart
or
sudo reload ssh

Was this answer helpful?

Related Articles

How Do I Find The Largest Top 10 Files and Directories On a Linux / UNIX / BSD?
ow do I find the largest top files and directories on a Linux or Unix-like operating systems?...
Changing the SSH Port for Your Linux Server
You can change the default SSH port for your Linux server as an added security measure NOTE!...
How to install Ansible and Use it in Automation
In this artical we will known about how to install Ansible, Before going through that we would...
IPTABLES examples
#1: Displaying the Status of Your Firewall Type the following command as root: # iptables -L -n...
25 Most Frequently Used Linux IPTables Rules Examples
In the below examples we are using ETH0 as network interface, which would be the interface you...