Skip to content

Welcome to ka8zrt.com

Sections
Personal tools
You are here: Home » How to ... » Using PuTTYgen
Log in


Forgot your password?
 
Views
Actions

Using PuTTYgen

Document Actions
last edited 2 years ago by cinnion
These are the steps for generating a SSH key using PuTTY's PuTTYgen utility. This is intended to supplement Section 8.2of the PuTTY documentation

NOTE: All images in this article are available in higher resolution images. This article uses images with a 1024x768 resolution, and resizes them to 512x384 to avoid overloading your screen. If you right click and select "View Image" in your browser, you will see the same image you have already downloaded at a higher resolution. However, the browser may still want to have you click on the image at this point to see it with no resizing at all. In addition, if you still are having problems, these images are also available in the original 1600x1200 resolution, which is available by clicking on the hotlink provide on each image. You should note that with these images, your browser is quite likely to resize the images, and initially show you a much smaller version with lots of artifacts.

  • Step 1: Run PuTTYgen

    Go to the Start menu, and select the PuTTYgen utility in the PuTTY folder.

    This image shows step 1 of PuTTYgen

    At this point, you will see the entry screen of PuTTYgen, which will look like this:

    This image shows the entry screen of PuTTYgen

  • Step 2: Select the key parameters and generate the key.

    At this point, you will want to select the type of key you wish to generate, along with the number of bits to use. It should be noted that SSH2 is better than SSH1, and RSA is in general better than DSA. So you will almost certainly want to select "SSHv2? RSA". Also, just like the teeth on a real key, the more bits in the SSH key, the more secure the resulting key will be. However, with the increase in the number of bits of a key, there is an increase in the processing required. In most cases, 1024 bits is good. For really sensitive systems and connections, increasing this to 1536, 2048 or more *might* be a consideration. **However, never use less than 1024 bits!**. Once you have done this, click on the "Generate" key. You will be asked to move the mouse around to generate some random data, and the screen will look like this:

    This image shows the random key data being generated

    Once sufficient random data has been collected, you will see the information about your key, which will look something like this:

    This image shows the generated key information

  • Step 3: Protecting your identity

    At this point, you will almost always want to protect your identity by encrypting the private part of your SSH key with a passphrase. Like a password, a passphrase is something which should be relatively random but easy enough to remember so that you never have to write it down. But unlike the passwords on most systems, a passphrase can generally be much longer. So, possible passphrases could be like:

    the quick brown fox jumped over the fence or now is the time for all good men to come to the aid of their country. However, neither of these would make good passphrases, as they are both very well known. They could be improved with tricks such as substituting certain number in for certain letters, intentional typos and misspellings, and such. However, even then, they might not be secure enough.

    Once you have entered your passphrase, the screen will look something like this:

    This image shows the generated key information with a passphrase

    You should also note, now is a good time to add a comment to the key, which could simply be the email address for which you intend to use the key.

  • Step 4: Saving your keys.

    What good is going to all of this trouble if you do not save your keys? This is just like going to the trouble of putting a lock on your door, but never using it. At this time, you will want to click on "Save public key" and "Save private key". The most important of these steps is to save the private key, as PuTTY will allow you to regenerate your public key with it. So at this point, you should press the "Save private key" button. In doing do, you will be presented with a dialog requesting the name of the file to hold your private key. I like to follow the conventions used on most UN*X systems, and use names like "id_dsa", "id_rsa" or "id_rsa_2048" for DSA, RSA and 2048-bit RSA keys. Once you enter the name, you will want to press the "Save" button. Prior to pushing the "Save" button, your screen will look like this:

    This image shows saving the private key

    PuTTY will add the extension of ".PPK" to the file, which it uses and should be associated with PuTTY.

    Likewise, you will want to click on "Save public key" and save it to a text file. In this case, you will likely want to use the same name, but add an extension such as ".pub" extension. Once you have entered the name, you will press "Save" button. While saving your public key, your screen will look something like this:

    This image shows saving the public key

  • Step 5: Using your keys.

    At this point, you will want to start using your keys. Topics of interest at this point are:

    • Using Pagent to provide your public keys
    • Installing your public key on other systems
« August 2008 »
Su Mo Tu We Th Fr Sa
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31            
 
 
Powered by Plone

This site conforms to the following standards: