Administrators can add a layer of security to Linux hosts by changing their login from a username and password to a set of private and public keys. This fast PuTTY tutorial demonstrates how to create a key pair and assign it to a Linux host.
PuTTY is a remote terminal emulator that supports Secure Shell (SSH) connections, which is how we will enable public and private keys for the server. An SSH key pair is more secure than a username and password, due to its randomness and complexity. No pet names appear in SSH key pairs.
To follow along with this PuTTY tutorial, set up a Windows desktop and a Linux host, and configure SSH to accept connections. The tutorial uses the PuTTY SSH client and the PuTTYgen key generator.
Start the PuTTY tutorial
Create a public and private set of keys with PuTTYgen. Administrators manage multiple servers, so consider logical, human-readable key comments to differentiate this key pair from many others. A passphrase will also increase the security of your system -- adding two-factor authentication.
Save the public key in a folder -- this tutorial uses a folder called SSH items -- then do the same with the private key. Ensure that you copy the pertinent text for the private key and keep it somewhere safe as it will only appear once.
At this point in the PuTTY tutorial, we have an SSH key pair but have not assigned it to any system. Use your username and password to log in to the Linux server, and then configure it for password-free entry. Start the PuTTY session for the host. Make a hidden OpenSSH folder as shown, and then create an authorized key file to store the OpenSSH key. The touch client command is used to create a new file.
Now, copy the OpenSSH contents into the authorized key file, which should contain the public portion of the SSH key pair. Be careful to copy the entire contents or the step will fail.
Use PuTTY to authenticate the public and private keys at this step. Open PuTTY, and enter the Linux host information. Select SSH connections and Auth and then private key authentication. Choose the information saved earlier in the SSH items folder.
Save the session with a name to make it easy to use the keys each time you go into this Linux server.
Now, log in with your username, and enter the passphrase for the key.
This PuTTY tutorial also shows how to prevent users from logging on with a username and password. If you set up the Linux host this way, only the key pair will grant access. Change the SSH configuration file under usePAM and PasswordAuthentication to "no."