How to use SSH Public Key with PuTTY to connect to a Linux machine
You have to follow these properly.
Configure the Public Key in SSH Server
Copy the public key in to SSH Server via SFTP
put publicy_key
Login to SSH server verify the copied public key
ls -l public_key
Since the public key does not have any permissions, change it to 400 (for read)
chmod 400 public_key
Use ssh-keygen tool to create openSSH format public key
ssh-keygen -if public_key > public_key_openssh_format
Add the created openSSH public key to authorized_keys files
cat public_key_openssh_format >> ~/.ssh/authorized_keys
Check the permissions of .ssh folder and authorized_keys file for access permissions
ls -al ~/.ssh
Verify the Key Pairs with PuTTY
Now, the key based authentication can be verified with PuTTY. Enter the host name and port
Select the private key (.ppk)
Confirm the Security alert
If the configuration is correct, the connection will be established successfully
If you are still stuck. Then you have to re-create the user and follow the steps and configure the public key again.
The user can be recreated using the following command:
Make a copy of the user folder and delete it before recreation.
yast2 users add username=userName cn=" User for test" password="password" gid=100 grouplist=dialout,video type=local
Related videos on Youtube
ysap
Updated on September 18, 2022Comments
-
ysap over 1 year
I am trying to set a public SSH key connection from a Windows 7 machine to a Red-Hat Linux machine. The ultimate purpose is to use
pscp
(PuTTY's version ofscp
) from the command terminal w/o the need to type password repetitively.Following PuTTY's documentation and other online sources, I used PuTTYgen to generate a key pair. I then copied the generated public key to a
~/.ssh/authorized_keys
file on the Linux machine (as far as I can tell, it runs OpenSSH server).To check the connection, I run PuTTY and set the username and private key file in the appropriate places in its GUI.
However, when trying to connect using PuTTY's SSH, the connection uses the preset username, but I get an error message of "
Server refused our key
" and a prompt for the password.I then tried to copy-paste the public key text from PuTTYgen's GUI to the
authorized_keys
file, but it did not work either.How should I set up a public key connection form Win 7 to Linux?
How do I use this with
pscp
(rather than PuTTY's ssh)?
Update: Thinking the problem might be with the PuTTYgen key format, I used
ssh-keygen
on the Linux machine to create an RSA keypair. It generated aid_rsa
private key andid_rsa.pub
public key. Trying to use> ssh-add id_rsa
was not successful, as I git the reply that "Could not open a connection to your authentication agent.
", so I just used> cp id_rsa.pub authorized_keys
.I then copied these files to the Windows machine, and used PuTTYgen to convert the private key to a PuTTY private key format (
*.ppk
). Trying to connect using the new key, I get the response that "Server refused our key
".-
Cristian Ciupitu over 10 yearsMake sure the ownership of
~/.ssh
is correct and that the permissions are0600
(+x
for the directory). If you're using SELinux, runningrestorecon -R -v ~/.ssh
will make sure that the labels are correct. -
ysap over 10 years@CristianCiupitu - I am using Red-Hat. I changed the permissions to
777
but it does not solve the problem. -
Cristian Ciupitu over 10 yearsI didn't say to change the permission to
777
(world readable and writable), I said to make them secret. -
ysap over 10 years@CristianCiupitu - are you suggesting that '700' and '600' for dir and keys-file are a maximum requirement? SSH should fail because it is world available??? Anyway, I made the change but still no sucess.
-
Cristian Ciupitu over 10 yearsCheck out the logs and update the question.
-
ysap over 10 years@CristianCiupitu - What logs? Can you please be more specific?
-
Cristian Ciupitu over 10 years
/var/log/secure
(and/var/log/messages
) probably. -
ysap over 10 years@CristianCiupitu - Unfortunately, I don't have access to
/var/log/secure
(it has root only permissions). The/var/log/messages
file contains only a few lines that do not seem to be related to the SSH (looks like it was restarted yesterday, so the log is very short). I viewed it before and after an SSH attempt and there was no change. -
Francisco Tapia about 9 yearsDid you tried to use python paramiko lib, I do that in job with 600 server at once.
-
Thalys over 10 yearsI believe the commands may change slightly since this is a red hat system - I do believe adduser is the 'standard' command used for this. Nonetheless, nice use of screenshots (even if I'd tend to copy/paste then use the code or pre blocks for better search/copyability and smaller page size) to illustrate the answer.
-
Vishnu Prasad Kallummel over 10 yearsI was not sure whether my answer would be posted as it contained pictures (Since I also had only 11 reputation). I'll take care of the formatting the next time I answer any question. Thanks to @slhck♦ for formatting the answer, he also mentioned the same.
-
ysap over 10 yearsThanks. So, I used
scp
to copy the public key to the remote machine. There, I usedssh-keygen -if puttygen.pub.key > ~/.ssh/authorized_keys
and made sure directory and file have read permission. But, when running PuTTY and selecting the private key, I still get the same response from the Linux account. I did not get PuTTY's key-caching message (could be that it was there on the 1st time I used that key). I assume thatsftp
used in your answer if not critical, right? I also noticed that you have a~/.ssh/known_hosts
file. Is this essential for the process? -
ysap over 10 yearsPlease note that this is a corporate Linux machine, and I cannot create a new user. Just play with my account.
-
ysap over 10 yearsPlease notice update to question.
-
Vishnu Prasad Kallummel over 10 yearsCan you edit the private key and check? The authorized keys should contain the same text as in the public part of the private key. I have faced this issue and it was solved only after I have recreated the user. Every other trick I used was not helpful! :( And yes the sftp is not important. I already had a taken the screen shots for that specific steps hence the same.
-
ysap over 10 years@VishnuPrasadKallummel - AFAICT, the two keys are identical (up to line wrap).
-
Vishnu Prasad Kallummel over 10 yearsI'm sorry, I don't have any further suggestions. :(
-
ysap over 9 yearsThanks. I am no longer in that environment, but can you please elaborate on that field, for the sake of future viewers?