PuTTY SSH Login Without Password Prompt
February 21st, 2009 Category: General, LinuxAnnoyed of typing login passwords?
Your desktop is running with Windows and you often need to connect remote servers using SSH then you will already know PuTTY. You will also know that it’s getting frustrating to enter the passoword every time. There is a simple way to login to remote machines using RSA/DAS keys.
What is needed?
First of all you will need to download the PuTTY.exe. And to generate the keys on your Windows desktop you’ll need to download PuTTYgen.exe as well.
Key Generation
Start PuTTYgen.exe after download and press the Generate button. Now follow the instruction and move the mouse cursor over the desired area. I’ve used the default parameter [x] SSH-2 RSA with a key length of 1024 bits.
I leave the Key passphrase empty because I don’t want to enter any passwords during login.
To have the key later available for other servers use the “Save public key” and “Save private key” button. My private key is saved as haifisch.ppk and my public key as haifisch. By the way, haifisch is German and means shark.
Now mark the generated public key, copy it to the clip board and paste it into ~/.ssh/authorized_keys file on the remote server of the user you want to login as.
PuTTY Configuration
Keys have been generated and stored on the remote server, therefore PuTTYgen can be closed now and the PuTTY.exe is needed now.
In PuTTY under the item “Session” enter the host name of the remote server and connection type SSH. Next choose “Connection/Data” and enter the remote user name. Also the previously defined private key is needed, it is given in “Connection/SSH/Auth” using the “Browse” button. In my case it’s haifisch.ppk.
When all settings are done go back to “Session”, enter a name for this session and press “Save”.
That’s it. Try it by double clicking on the saved session.
Login via Desktop Icon
If you want to have a desktop icon which opens putty and logs into a remote server generate a file e.g. www.myserver.com.bat with the content:
start C:\temp\putty\putty.exe -load "Session Name in PuTTY"
Now generate a link to this batch file on your desktop and login in by double clicking.
Edit your new ~/.ssh/authorized_keys entry to have “ssh-rhs ” in the front (note the space), and to have only the key itself (ending in ‘=’) after that, e.g.:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAybmcqaU/Xos/GhYCzkV+kDsK8+A5OjaK
5WgLMqmu38aPo56Od10FEdEiB42DjRVY8trXS1NH4jbURQPERr2LHCCYq6tHJYfJNhUX
/COwHs+ozNPEsfeYDhK4AhabahnltFE5ZbefwXW4FoKOO+n8AdDfSXOazpPas8jXi5bE
wNf7heZT++a/Qxbu9JHF1huThuDuxOtIWl07G+tKqzggFVkns5CoJCFxaik91lNGgu2O
TKfY94c/ieETOXE5L+fVrbtOh7DTFMjIYAWNxy4tlMR/59UVw5dapAxH9J2lZglkj0w0
LwFI+7hZu9XvNfMKMKg+ERAz9XHYH3608RL1RQ=
Make that “ssh-rsa ”. Sorry.
Thanks for this tip, I couldn’t remember how to do this at work and you helped me out
I use PuTTy to Log In to a Linux Server with no problem. I have Agent Forwarding enabled and get prompted for my passphrase to Log In. Everything good so far. Once I Log In to the Linux Server, I need to SSH to other Linux Servers without getting prompted for password. It does not work, always prompted for password. I have used ssh -A, copied over my public key to the remote server, ssh-add, etc. with no luck.
Here is the verbose output for ssh -Av
# ssh -Av tda01
OpenSSH_5.1p1 Debian-5, OpenSSL 0.9.8l 5 Nov 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to tda01 [10.128.115.241] port 22.
debug1: Connection established.
debug1: identity file /home/user1/.ssh/identity type -1
debug1: identity file /home/user1/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/user1/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2 Debian-9etch3
debug1: match: OpenSSH_4.3p2 Debian-9etch3 pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-5
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'machine1' is known and matches the RSA host key.
debug1: Found key in /home/user1/.ssh/known_hosts:2
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/user1/.ssh/identity
debug1: Offering public key: /home/user1/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: Trying private key: /home/user1/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
Password:
Any ideas?