Generating SSH keys in Windows: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| (17 intermediate revisions by 4 users not shown) | |||
| Line 6: | Line 6: | ||
<!--T:1--> | <!--T:1--> | ||
[[File:Puttygen1.png|400px|thumb| PuTTYgen | [[File:Puttygen1.png|400px|thumb| PuTTYgen before generating a key (Click for larger image)]] | ||
[[File:Puttygen2.png|400px|thumb| PuTTYgen | [[File:Puttygen2.png|400px|thumb| PuTTYgen after generating a key (Click for larger image)]] | ||
=Generating a key pair= <!--T:14--> | |||
<!--T:2--> | <!--T:2--> | ||
The process of generating a key is nearly the same whether you are using PuTTY or MobaXTerm. | |||
* With MobaXTerm, go to the menu item Tools->MobaKeyGen (SSH key generator) | |||
* With PuTTY, run the PuTTYGen executable. | |||
Both of these methods will cause a window to be displayed which can be used to generate a new key or to load an existing key. | |||
The PuTTY window is illustrated at right. The MobaXTerm window looks almost exactly the same. | |||
<!--T:3--> | |||
# | # For "Type of key to generate" select "Ed25519". (Type "RSA" is also acceptable, but set the "Number of bits" to 2048 or greater.) | ||
# Click the "Generate" button. You will then be asked to move your mouse around to generate random data to be used to create the key. | # Click the "Generate" button. You will then be asked to move your mouse around to generate random data to be used to create the key. | ||
# Enter a passphrase for your key. | # Enter a passphrase for your key. Remember this passphrase, you will need it every time you reload PuTTY or MobaXTerm to use this key pair. | ||
# Click | # Click "Save private key" and choose a meaningful file name; the extention <code>.ppk</code> is added to the file name. (e.g. compute_canada.ppk). | ||
# Click "Save public key". It is conventional to save the public key with the same name as the private key, but here, the extension is <code>.pub</code>. | |||
=Installing the public part of the key pair= <!--T:6--> | |||
==Installing via CCDB== <!--T:15--> | |||
<!--T:10--> | |||
We encourage you to register your SSH public key with the CCDB. This will let you to use it to log in to any of our HPC clusters. Copy the contents of the box titled "Public key for pasting into OpenSSH ..." and paste it into the box at [https://ccdb.computecanada.ca/ssh_authorized_keys CCDB -> Manage SSH Keys]. For more about this, see [[SSH_Keys#Using_CCDB| SSH Keys: Using CCDB]]. | |||
==Installing locally== <!--T:16--> | |||
<!--T:11--> | |||
If for some reason you do not want to use the CCDB method, you may upload your public key onto <em>each</em> cluster as follows: | |||
<!--T:13--> | |||
# Copy the contents of the box titled "Public key for pasting into OpenSSH ..." and paste it as a single line at the end of <code>/home/USERNAME/.ssh/authorized_keys</code> on the cluster you wish to connect to. | |||
# Ensure the permissions and ownership of the <code>~/.ssh</code> directory and files therein are correct, as described in [[Using SSH keys in Linux#Installing_locally|these instructions]]. | |||
<!--T:17--> | |||
You may also use <code>ssh-copy-id</code> for this purpose, if it is available on your personal computer. | |||
=Connecting using a key pair= <!--T:18--> | |||
<!--T:12--> | |||
Test the new key by connecting to the server using SSH. | |||
See [[Connecting with PuTTY#Using a Key Pair| connecting with PuTTY using a key pair]]; [[Connecting with MobaXTerm#Using a Key Pair| connecting with MobaXTerm using a key pair]]; or [https://winscp.net/eng/docs/ui_login_authentication connecting with WinSCP]. | |||
<!--T:4--> | <!--T:4--> | ||
Key generation and usage is demonstrated in this | Key generation and usage with PuTTY is demonstrated in this video : [https://www.youtube.com/watch?v=2nkAQ9M6ZF8 Easily setup PuTTY SSH keys for passwordless logins using Pageant]. | ||
=Converting an OpenStack key= <!--T:19--> | |||
<!--T:5--> | |||
When a key is created on [[OpenStack]] you obtain a key with a ".pem" extension. This key can be converted to a format used by PuTTY by clicking the "Load" button in PuTTYGen. Then select the "All Files (*.*)" filter | When a key is created on [[Managing_your_cloud_resources_with_OpenStack|OpenStack]] you obtain a key with a ".pem" extension. This key can be converted to a format used by PuTTY by clicking the "Load" button in PuTTYGen. Then select the "All Files (*.*)" filter, select the ".pem" file you downloaded from OpenStack, and click "Open". You should also add a "Key passphrase" at this point to use when accessing your private key and then click "Save private key". | ||
<!--T:7--> | <!--T:7--> | ||
This private key can be used with PuTTY to connect to a VM | This private key can be used with PuTTY to connect to a VM created with OpenStack. For more about this, see "Launching a VM" on the [[Cloud Quick Start]] page. | ||
<!--T:8--> | <!--T:8--> | ||
[[Category:Connecting]] [[Category:Pages with video links]] | [[Category:Connecting]] [[Category:Pages with video links]] | ||
</translate> | </translate> | ||
Latest revision as of 20:50, 31 January 2023
Parent page: SSH
Generating a key pair[edit]
The process of generating a key is nearly the same whether you are using PuTTY or MobaXTerm.
- With MobaXTerm, go to the menu item Tools->MobaKeyGen (SSH key generator)
- With PuTTY, run the PuTTYGen executable.
Both of these methods will cause a window to be displayed which can be used to generate a new key or to load an existing key. The PuTTY window is illustrated at right. The MobaXTerm window looks almost exactly the same.
- For "Type of key to generate" select "Ed25519". (Type "RSA" is also acceptable, but set the "Number of bits" to 2048 or greater.)
- Click the "Generate" button. You will then be asked to move your mouse around to generate random data to be used to create the key.
- Enter a passphrase for your key. Remember this passphrase, you will need it every time you reload PuTTY or MobaXTerm to use this key pair.
- Click "Save private key" and choose a meaningful file name; the extention
.ppkis added to the file name. (e.g. compute_canada.ppk). - Click "Save public key". It is conventional to save the public key with the same name as the private key, but here, the extension is
.pub.
Installing the public part of the key pair[edit]
Installing via CCDB[edit]
We encourage you to register your SSH public key with the CCDB. This will let you to use it to log in to any of our HPC clusters. Copy the contents of the box titled "Public key for pasting into OpenSSH ..." and paste it into the box at CCDB -> Manage SSH Keys. For more about this, see SSH Keys: Using CCDB.
Installing locally[edit]
If for some reason you do not want to use the CCDB method, you may upload your public key onto each cluster as follows:
- Copy the contents of the box titled "Public key for pasting into OpenSSH ..." and paste it as a single line at the end of
/home/USERNAME/.ssh/authorized_keyson the cluster you wish to connect to. - Ensure the permissions and ownership of the
~/.sshdirectory and files therein are correct, as described in these instructions.
You may also use ssh-copy-id for this purpose, if it is available on your personal computer.
Connecting using a key pair[edit]
Test the new key by connecting to the server using SSH. See connecting with PuTTY using a key pair; connecting with MobaXTerm using a key pair; or connecting with WinSCP.
Key generation and usage with PuTTY is demonstrated in this video : Easily setup PuTTY SSH keys for passwordless logins using Pageant.
Converting an OpenStack key[edit]
When a key is created on OpenStack you obtain a key with a ".pem" extension. This key can be converted to a format used by PuTTY by clicking the "Load" button in PuTTYGen. Then select the "All Files (*.*)" filter, select the ".pem" file you downloaded from OpenStack, and click "Open". You should also add a "Key passphrase" at this point to use when accessing your private key and then click "Save private key".
This private key can be used with PuTTY to connect to a VM created with OpenStack. For more about this, see "Launching a VM" on the Cloud Quick Start page.