= Secure SHell (SSL) = In this lab we are using your host machine as the ssh client and your Ubuntu VM as the ssh server. Download following applications - PuTTY (the Telnet and SSH client itself) - PuTTYgen (an RSA and DSA key generation utility == Password Based Authentication == - Start PuTTY utility, by double-clicking on its .exe file. - In the Host Name field, enter the IP address/Hostname of ssh server - Click open. - It will ask for username followd by password. - Username apnic and password training - Logout/close this session. == Public Key Authentication == === Generating OpenSSH-compatible Keys for Use with PuTTY === To generate a set of RSA keys with PuTTYgen - Start the PuTTYgen utility, by double-clicking on its .exe file. - For Type of key to generate, select SSH-2 RSA. - In the Number of bits in a generated key field, specify either 2048 or 4096 (increasing the bits makes it harder to crack the key by brute-force methods). - Click the Generate button. - Move your mouse pointer around in the blank area of the Key section, below the progress bar (to generate some randomness) until the progress bar is full. - A private/ public key pair has now been generated. - In the Key comment field, enter your email address. - The Key passphrase field & re-type the same passphrase in the Confirm passphrase field.9. Click the Save private key button and save as private_key . - Right-click in the text field labeled Public key for pasting into OpenSSH authorized_keys file and choose Select All. - Right-click again in the same text field and choose Copy. - Open notepad; paste the public key and save it as txt file. === Save The Public Key On The Server === Now, you need to paste the copied public key in the file ~/.ssh/authorized_keys on your server. - Log in to your destination server using putty with username apnic - If your SSH folder does not yet exist, create it manually {{{ mkdir ~/.ssh chmod 0700 ~/.ssh touch ~/.ssh/authorized_keys chmod 0644 ~/.ssh/authorized_keys }}} - Paste the SSH public key into your ~/.ssh/authorized_keys file: {{{ sudo vi ~/.ssh/authorized_keys }}} - Tap the '''i''' key on your keyboard & right-click your mouse to paste. - To save, tap the following keys on your keyboard (in this order): '''Esc, :wq''' Enter. === Create a PuTTY Profile to Save Your Server’s Settings === In PuTTY, you can create (and save) profiles for connections to your various SSH servers, so you don't have to remember, and continually re-type, redundant information. - Start PuTTY by double-clicking its executable file. - PuTTY's initial window is the Session Category (navigate PuTTY's various categories, along the left- hand side of the window). - In the Host Name field, enter the IP address/Hostname of ssh server - Enter the port number in the Port field as 22 .5. Along the left-hand side of the window, select Connection > SSH > Auth - Browse your file system and select your previously-created private key. - Return to the Session Category and enter a name for this profile in the Saved Sessions field. - Click the Save button for the Load, Save or Delete a stored session area. Now you can go ahead and log in and you will not be prompted for a password. However, if you had set a passphrase on your public key, you will be asked to enter the passphrase at that time (and every time you log in, in the future).