There are two types of authentication with SSH connection with the server one is password based authentication and another one is a SSH key based authentication. The SSH key based authentication is most secure than traditional password based authentication. The SSH key based authentication is less Vulnerable with attacks.
This the recommended step to secure your root logins to the servers. It is necessary step for sysadmins to secure your servers from external attacks. This tutorial explain how to connect your server using the SSH key based authentication using the PuTTY software on Windows OS.
Step-1 (Add a normal users to respective Linux Distribution)
On Ubuntu / Debian
root@techbrown:~# adduser techbrown
On CentOS / RHEL
Add a normal user
root@techbrown:~# adduser techbrown
Add a password to normal users
root@techbrown:~# passwd techbrown
Grant sudo privileges permissions to normal users
On Ubuntu / Debian
root@techbrown:~# gpasswd -a techbrown sudo
On CentOS / RHEL
root@techbrown:~# gpasswd -a techbrown wheel
Step-2 (Generate the Public and Privates SSH keys)
root@techbrown:~# ssh-keygen -t rsa
Open the public SSH key and copy it for further use
root@techbrown:~# cat /root/.ssh/id_rsa.pub
Sample Output
Save the above public keys to notepad for further use
Step-3 (Add the Public SSH keys to normal users)
Switch the root user to normal users
root@techbrown:~# su - techbrown
Create SSH directory
techbrown@techbrown:~$ mkdir .ssh
Provide the secure 700 permissions to directory
techbrown@techbrown:~$ chmod 700 .ssh
Add the generated public keys to the file
techbrown@techbrown:~$ vi .ssh/authorized_keys
Provide the secure 600 permissions to files
techbrown@techbrown:~$ chmod 600 .ssh/authorized_keys
Sign out from normal users
techbrown@techbrown:~$ exit
Step-4 (Disable the root user login using SSH)
On Ubuntu / Debian
root@techbrown:~# vi /etc/ssh/sshd_config
Find the lines
PermitRootLogin yes
Change it to
PermitRootLogin no
On CentOS / RHEL
root@techbrown:~# vi /etc/ssh/sshd_config
Find the lines
#PermitRootLogin yes
Change it to
PermitRootLogin no
Restart the SSH service to confirm changes
Finally restart the SSH services to make the changes
root@techbrown:~# systemctl restart ssh
Step-5 (Copy the Private SSH keys)
root@techbrown:~# cat /root/.ssh/id_rsa
Sample Output
Save the Private SSH keys to notepad file
Open notepad and save the Private SSH keys to it and save it using the .txt extension.
Step-6 (Download and Install PuTTY Software)
You can download the Putty Software package (putty-installer.msi) from the official website and install it on respective Windows OS.
Save SSH private keys in .ppk extension
Open PuTTYGen from start menu
Load the saved Private SSH key saved in .txt extension
Finally save the private key into its own .ppk extension
Step-7 (SSH key based authentication using SSH private keys)
Open PuTTY from Start Menu
Select the normal users that you have created during this tutorial
Select the private SSH key file for authentication
Set the IP to Login with SSH private key based logins and finally hit on open to open the terminal
If you are successfully authenticated the you will see the terminal window shown as below.
If anyone tries with the SSH password based logins then will get the access denied information this makes your server so secure and less vulnerable to attacks.
Congratulations now you have successfully configured Putty SSH key based login on Windows 10.
