Note: PuTTY Settings and Public-Key Authentication



Migrating to Linux series.

PuTTY Settings

PuTTY for Linux.
At first I didn’t get how to use it.

After I finally figured it out, my impression was: it’s basically a GUI for the config file.

  • Open the app: the big middle panel is for selecting a config profile. You can Load / Save / Delete.
  • There is Default Settings. This is what PuTTY loads by default at startup, and it’s also the template for creating other config profiles.
  • To add an SSH config, fill in Host Name/IP address, Port, etc. Then type the profile name in the blank field under Saved Sessions and click Save.
  • To edit a config later: click the profile, Load it (like opening the config file), make changes, then Save (like saving it).

Configure Default Settings first. Then creating new SSH configs will be much less work.

Here are some of my basic settings:

  • Window
    Change window size.
    The default SSH window is too small. Adjust Columns and Rows to something reasonable.
  • Window ->> Selection
    Make Ctrl+Shift+C/V use Clipboard, matching terminal behavior.
  • Connection
    TCP keepalives
    Enable this to keep the SSH session alive.
    This alone is not enough; you also need to set an interval under Sending of null packets to keep sessions active, e.g. 4 seconds.
  • Connection ->> Data
    Fill in Auto-login username so you don’t need to type it every time.
  • Connection ->> Proxy
    Essential if you are behind the Great Firewall. No further comment.

Those are my basic PuTTY settings. Fonts/colors/etc. are personal preference.
(It took some time to set up; not writing it down would be a waste.)

Public-Key Authentication

If you want real “one-click login”, set up public-key authentication. Convenient and secure, why not.

References

荒岛 - SSH那点事:公钥验证/两步验证/Fail2ban (About SSH: public-key authentication / two-step verification / Fail2ban)
Log in to a Linux server with an SSH private key on a Windows client
How To Use Putty with an SSH Private Key Generated by OpenSSH

I’m too noob. I couldn’t tell which machine is local vs remote from the first tutorial. I only understood after reading the second one.

Rough Idea

Generate a key pair on the local machine. Keep the private key safe. Put the public key on the remote machine, and enable public-key authentication there.
Then when you log in from the local machine, the remote machine checks your public key and goes: oh, a familiar machine, let it in.

Steps

  • Generate key pair on local machine
    • ssh-keygen -b 4096, then press Enter at every prompt (this accepts the default file location and an empty passphrase). This generates id_rsa and id_rsa.pub.
      The first is the private key (keep it safe). The second is the public key (share it).
  • Enable public-key auth on the remote machine
    • mkdir -p ~/.ssh && touch ~/.ssh/authorized_keys (create the file that stores the keys)
    • chmod 700 ~/.ssh && chmod 600 ~/.ssh/authorized_keys (set permissions so others can’t read it)
    • vim ~/.ssh/authorized_keys (paste the public key from the local machine)
    • vim /etc/ssh/sshd_config (edit the sshd config):
      • PubkeyAuthentication yes (enable public-key auth)
      • PasswordAuthentication no (optional: disable password login if desired)
    • systemctl restart sshd (restart sshd)
  • Configure PuTTY to use the key
    • Convert key via puttygen
      PuTTY can’t use the raw RSA private key file directly; it needs PuTTY’s format. Installing PuTTY also installs the converter. Command: puttygen inputfile -o outputfile
      Run puttygen ~/.ssh/id_rsa -o ~/.ssh/id_rsa_putty to convert your local private key.
    • Select the private key for authentication
      Connection ->> SSH ->> Auth
      Set Private key file for authentication to the converted id_rsa_putty, and save.

Now you can “one-click login” to the remote host.
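
A check for the remote-side steps above, as an added example that is not part of the original post: it confirms the 700/600 modes and reads the two sshd_config keywords the steps set. The function names, the --run switch and the file name check_ssh.sh are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the original post): checks for the remote-side steps.

# Print the nine permission characters of a path, e.g. "rwx------".
# A missing path prints nothing, so it fails the comparisons below.
perm_string() {
    ls -ld "$1" 2>/dev/null | cut -c2-10
}

# Succeed only if directory $1 and its authorized_keys carry the modes set by
# "chmod 700 ~/.ssh && chmod 600 ~/.ssh/authorized_keys".
check_ssh_perms() {
    dir=$1
    rc=0
    if [ "$(perm_string "$dir")" != "rwx------" ]; then
        echo "FAIL: $dir is not mode 700"
        rc=1
    fi
    if [ "$(perm_string "$dir/authorized_keys")" != "rw-------" ]; then
        echo "FAIL: $dir/authorized_keys is not mode 600"
        rc=1
    fi
    return "$rc"
}

# Print the value of keyword $2 in sshd_config-style file $1, or default $3.
# sshd keeps the first value it reads for a keyword, and keywords are
# case-insensitive. Assumption: only the global section (before the first
# "Match" line) is read and "Include" files are not followed.
sshd_option() {
    awk -v key="$2" -v val="$3" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/ { next }                 # skip comment lines
        { sub(/=/, " ") }                   # accept "Keyword=value" too
        tolower($1) == "match" { exit }     # stop at conditional blocks
        tolower($1) == key { val = tolower($2); exit }
        END { print val }
    ' "$1"
}

# Check the real locations only when asked to: sh check_ssh.sh --run
if [ "${1:-}" = "--run" ]; then
    check_ssh_perms "$HOME/.ssh" && echo "OK: ~/.ssh permissions"
    cfg=/etc/ssh/sshd_config
    echo "PubkeyAuthentication:   $(sshd_option "$cfg" PubkeyAuthentication yes)"
    echo "PasswordAuthentication: $(sshd_option "$cfg" PasswordAuthentication yes)"
fi
```

On the server itself, sshd -T (run as root) prints the effective configuration, including settings pulled in through Include files that this parser skips.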

The end, hooray.


Updates

2020/09/16 update

The default key algorithm from ssh-keygen is RSA.
I read online that ed25519 might be more secure.

ssh-keygen -t ed25519 -b 2048 gives you an ed25519 key. Ed25519 keys have a fixed length, so ssh-keygen ignores the -b value here.

2020/09/17 update

How to Change Default SSH Port in CentOS 8
How To Change OpenSSH Port On CentOS 7

You need to allow the new SSH port (e.g. 2244) through the firewall:

sudo firewall-cmd --permanent --remove-service=ssh
sudo firewall-cmd --permanent --add-port=2244/tcp
sudo firewall-cmd --reload