| Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision |
| other:putty_conf [2022/08/03 14:44] – [Starting a session from a desktop shortcut] jypeter | other:putty_conf [2023/03/13 18:02] – [Creating ssh keys with PuTTYgen] Improved jypeter |
|---|
| ====== Configuring and using PuTTY/Pageant ====== | ====== Configuring and using PuTTY/Pageant ====== |
| |
| PuTTY is a free and easy to use [[other:ssh|ssh client]] for **Windows**. You can use it to connect to your favorite remote Linux servers in text mode, and start remote graphical applications if you also have a running [[other:win10wsl#installing_an_x_server|X server]] | PuTTY is a free and easy to use [[other:ssh|ssh client]] for **Windows**. You can use it to connect to your favorite remote Linux servers in text mode, and start remote graphical applications if you also have a running [[other:x_conf|X server]] |
| |
| ===== Installation ===== | ===== Installation ===== |
| * Specify your login name (on the LSCE servers) in **Auto-login username**. This way you won't have to type it when you connect to the Linux server!\\ {{ :other:putty_06.png?direct |}} | * Specify your login name (on the LSCE servers) in **Auto-login username**. This way you won't have to type it when you connect to the Linux server!\\ {{ :other:putty_06.png?direct |}} |
| * In the ''Connection'' => ''SSH'' => ''Kex'' category: | * In the ''Connection'' => ''SSH'' => ''Kex'' category: |
| * **<wrap hi>Unselect Attempt GSAPPI key exchange</wrap>**!\\ If you forget to do this, connecting to a server will seem to take forever (if it works at all)...\\ {{ :other:putty_gssapi.png?direct |}} | * **<wrap hi>Unselect Attempt GSSAPI key exchange</wrap>**!\\ If you forget to do this, connecting to a server will seem to take forever (if it works at all)...\\ {{ :other:putty_gssapi.png?direct |}} |
| * In the ''Connection'' => ''SSH'' => ''Auth'' category: | * In the ''Connection'' => ''SSH'' => ''Auth'' category: |
| * Select **Allow agent forwarding**. This is the same as [[/other:ssh#standard_usage|using ssh with the -A option]]\\ {{ :other:putty_07.png?direct |}} | * Select **Allow agent forwarding**. This is the same as [[/other:ssh#standard_usage|using ssh with the -A option]]\\ {{ :other:putty_07.png?direct |}} |
| * In the ''Connection'' => ''SSH'' => ''X11'' category: | * In the ''Connection'' => ''SSH'' => ''X11'' category: |
| * Select **Enable X11 forwarding**. This is the same as [[/other:ssh#standard_usage|using ssh with the -X option]]\\ {{ :other:putty_08.png?direct |}} | * Select **Enable X11 forwarding**. This is the same as [[/other:ssh#standard_usage|using ssh with the -X option]]\\ Note: remember that you will also need an [[other:x_conf|X server running]] in order to display graphics!\\ {{ :other:putty_08.png?direct |}} |
| |
| * When you have finished updating the settings, **do not forget to go back to ''Category'' => ''Session'' and Save the session**!\\ {{ :other:putty_09.png?direct |}} | * When you have finished updating the settings, **do not forget to go back to ''Category'' => ''Session'' and Save the session**!\\ {{ :other:putty_09.png?direct |}} |
| |
| Read the [[other:ssh#using_ssh_keys|Using ssh keys]] section if you don't know what //ssh keys// are | Read the [[other:ssh#using_ssh_keys|Using ssh keys]] section if you don't know what //ssh keys// are |
| ==== Existing ssh keys ==== | <WRAP center round important 80%> |
| | * **Do not lose** the (existing) ssh keys files you have, or the keys that you will create |
| | * It's a very good idea to **keep a copy of these files** on another computer! |
| |
| ==== Importing or creating ssh keys with PuTTYgen ==== | * **Do not forget** the passphrase that will be used to unlock the private key |
| |
| * Launch the PuTTY Key Generator:\\ ''Start'' => ''PuTTY'' => ''PuTTYgen'' | * If you save the passphrase in a file, **do not** put this file in the same place as the ssh keys |
| |
| * If you already have a private ssh keys generated on another computer, ''id_rsa'', you just have to use PuTTYgen to **import the private key**, and save it to a ''.ppk'' file that ''Pageant'' can use | * Easiest thing to do is probably to store the key files in an ''ssh'' sub-directory somewhere |
| * Import the key (and type the passphrase, when asked) with: ''Conversions''=>''Import key''\\ {{ :other:putty_21.png?direct&300 |}} | * We assume below that they keys are in a sub-directory of your [[other:win10config#the_most_important_folders|local HOME FOLDER]]\\ \\ <some_disk_different_from_c>:\Users\<your_login>\ssh\ |
| * Then click on the ''Save private key'' button, and create a ''id_rsa.ppk'' file (or ''any_name_you_want.ppk'')\\ {{ :other:putty_22.png?direct&300 |}} | </WRAP> |
| |
| * If you don't have a set of ssh keys, follow the steps below to **create private and public keys** | |
| * Make sure that the type of key (at the bottom of the PuTTYgen window) is ''RSA'' and that the number of bits is ''4096'' | |
| * Click on the ''Generate'' button and move your mouse to generate some random information | |
| * Type your ''Key passphrase'' and confirm it | |
| * Click on the ''Save private key'' button, and create a ''id_rsa.ppk'' file (or ''any_name_you_want.ppk'')\\ {{ :other:putty_23.png?direct&300 |}} | |
| * Click on the ''Save public key'' button, and create a ''id_rsa.pub'' file | |
| * Click on ''Conversions''=>''Export OpenSSH key'', and create a (standard) ''id_rsa'' file\\ You will not need this file with Putty, but it is just in case you need to use your private key later on a Linux computer | |
| |
| |
| | Launching the ''PuTTY Key Generator'': ''Start'' => ''PuTTY'' => ''PuTTYgen'' |
| | |
| | ==== Converting existing ssh keys with PuTTYgen ==== |
| | |
| | If you already have a private ssh keys generated on another computer (e.g. an ''id_rsa'' text file), you just have to use ''PuTTYgen'' to **import the existing private key**, and then export it to a //converted// ''.ppk'' file that ''Pageant'' can use |
| | * Import the key (and type the passphrase, when asked) with: ''Conversions''=>''Import key''\\ {{ :other:putty_21.png?direct&300 |}} |
| | * Then click on the ''Save private key'' button, and create a ''id_rsa.ppk'' file (or ''any_name_you_want.ppk'')\\ {{ :other:putty_22.png?direct&300 |}} |
| | |
| | ==== Creating ssh keys with PuTTYgen ==== |
| | |
| | If you don't already have an existing set of //recent-enough// ssh keys, follow the steps below to **create a set of private and public keys**. |
| | |
| | Notes: |
| | * by //recent-enough//, we mean //rsa// and preferably //ed25519// (//dsa// is deprecated) |
| | * extra technical details (that you can probably safely ignore) are available in the official [[https://the.earth.li/~sgtatham/putty/0.78/htmldoc/Chapter8.html#pubkey-puttygen|Using PuTTYgen, the PuTTY key generator]] documentation |
| | |
| | Steps: |
| | * Make sure that the selected //Type of key to generate// (at the bottom of the ''PuTTYgen'' window) is ''EdDSA'' (short for //Edwards-curve DSA//), with the default ''255'' bits.\\ This will generate **//ed25519// keys** that are now recommended on the IPSL servers |
| | * {{:other:putty_23b.png?direct&500|}} |
| | * You could also use ''RSA'' and ''4096'' bits, but ''ed25519'' keys are now recommended on the IPSL servers |
| | * Click on the ''Generate'' button and move your mouse to generate some random information |
| | * Type your ''Key passphrase'' and confirm it |
| | * Read [[other:ssh#some_common_sense_advice|Do not forget your passphrase!]] if you need some advice |
| | * Click on the ''Save private key'' button, and create an ''id_ed25519**.ppk**'' file |
| | * **Important!** Click ''Conversions''=>''Export OpenSSH Key'' and create an ''id_ed25519'' file (a text file with **no** ''.ppk'' extension) |
| | * You will not need this file when you use PuTTY, but you may need to use this private key in a standard text format later, on Linux computers/servers |
| | * Click on the ''Save public key'' button, and create a ''id_ed25519**.pub**'' file |
| | * You will need to [[other:ssh#installing_ssh_keys|install the public key]] on all the remote Linux server that you want to connect to using the ssh agent, instead of typing your password |
| | |
| | ==== Using the private key in Pageant ==== |
| | |
| | We assume that the **private key file** is available locally in ''<some_disk_different_from_c>:\Users\<your_login>\ssh\'' |
| | |
| | * Start ''Pageant'' and open the ''Pageant Key List'' window by: |
| | * Double-clicking (left mouse button) on ''Pageant'' |
| | * Or right-clicking on ''Pageant'' and choosing ''View keys'' |
| | * Click on ''Add Key'', navigate to the directory where you have stored the ''.ppk'' converted private key file (e.g. ''\Users\<your_login>\ssh\''), open it and type your passphrase. You can ''Close'' the ''Pageant Key List'' once the key appears there\\ {{ :other:putty_private.png?direct&300 |}} |
| | * If everything was done correctly, you should now be able to open the //Sessions// defined in ''Pageant'', on remote servers where the **public key matching the private key** used in ''Pageant'' was [[other:ssh#installing_ssh_keys|installed correctly]] |
| |
| /* standard page footer */ | /* standard page footer */ |
