All posts by Don Matteo

lebt in Zürich, ist System Engineer MCP bei A-Enterprise GmbH. Mitglied des UNBLOG Network. Author und Blogger zu den Themen, Linux und Open Source. Tutorials für Windows, VMware, Synology, Fortinet.
Howto Tutorials (EN)

How to use PuTTY SSH Key Generator

Home
Leave a comment

Generate SSH Key using PuTTY Key Generator

OpenSSH keys are used to log in to a Linux host without a password query prompt, or to run in batch processes, for example to enable authentication from scripts.

Generate OpenSSH Key

The PuTTY Key Generator generates a key par, after which the public key is copied to the remote host.

The PuTTY SSH Key Generator generates a key par, after which the public key is copied to the remote host.

In the key comment field, your own email address can be entered, the generated private key is stored as privkey.ppk, the public key is stored as pubkey.ppk. The public key is stored on the remote host under the user’s home path in the .ssh directory in the authorized_keys file, and nothing can be changed in the copy & paste of the content.

[user@smarthost .ssh]$ ll
Total 16
drwx------ 2 user user 4096 21 Oct 2013 .
drwx------ 10 user user 4096 10 Apr 15:13 ..
-rw------- 1 user user 1124 21 Oct 2013 authorized_keys

The directory .ssh should have the right 700 and the owner must be user. This user user should serve as an example here.

PuTTY with OpenSSH Key

The host should be logged in to this one, with the IP or host name in the Session and Host Name (or IP address) section.

Illustration: PuTTY session

The path to the private key generated with PuTTY Key Generator is entered under Connection – SSH – Auth.

Illustration: SSH authentication

Auto-login username defines the user who should authenticate.

Illustration: Auto-login username
It’s done

With SSH daemon, key authentication is enabled in the configuration file /etc/ssh/sshd_config

# Authentication for user id's
AllowUsers user
# Allow key authentication
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

Tip! PuTTY can be run in command-line, so scripts can be performed.

# use putty load session name
"C:\Program Files\PuTTY\putty.exe" -load smarthost.mydomain.com
# Use putty session command-line
"C:\Program Files\PuTTY\putty.exe" -i C:\Users\user\ssh-privkey.ppk user@smarthost.mydomain.com

plink give the possibility to use PuTTY via CLI.

plink -i C:\Users\user\ssh\privkey.ppk userd@smarthost.mydomain.com

Remarks

PuTTY is free software for establishing connections via Secure Shell (SSH), Telnet, remote login or serial interfaces. PuTTY serves as a client and establishes the connection to a server. When the connection is established, the user’s identity is verified using one of the provided authentication methods. PuTTY is available for Windows and Linux.

Howto Tutorials (EN)

Server 2012 Enhanced Security Configuration

Home
Leave a comment

Disable enhanced security configuration for Internet Explorer

Newly installed Windows Server 2012 uses the so-called enhanced security configuration for Internet Explorer by default. This blocks the functions of the browser in such a way that it can no longer be used for websites from the Internet security zone. If you actually need a browser on a server, e.B. for MS software components of the required services for further installations, then this feature can of course be switched off.

how to do it

If you visit only a manageable number of sites, you can include them in the trusted sites group, where they are exempt from the strict restrictions of enhanced security configuration.

However, if you are annoyed by the constant security warnings, the restrictive setting can be deactivated.

Server Manager 2012

Disable enhanced security configuration.

Enhanced security configuration for IE Off

Internet Explorer security alerts no longer appear, but protection no longer exists. The new browser Microsoft Edge provides better protection against web pages with malicious code.