Access Linux workstations from any Windows computer via ssh¶
To access an ssh server from Windows, PuTTY is the program. You may get PuTTY on the original site http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html. You should get the installer putty-X.XXX-installer.exe to get all tools. For a simple login, putty.exe will be enough.
Login to a server After installing, start PuTTY from Start / Programs / PuTTY. The first dialog appears:
Enter the hostname you like to connect and activate SSH as protocol. Save this session as Default Settings to be sure to not use telnet by error.
The first time you connect to a server, this dialog appears:
The servers hostkey will be added to your registry and you wont be prompted again. This secures that you are connecting every time to the same machine and protects you from a man in the middle attack.
Now, the terminal window appears and PuTTY asks you about the username:
and the passoword:
If everything went OK, you'll get the shell:
In PuTTY's menu you'll find an entry PSFTP. It's the same program as sftp documented here.
C:\Program Files\PuTTY\pscp.exe is the same program as scp. Adjust your path from Windows to include PuTTY's directory if you use pscp often.
X11 forwarding To use X11 forwarding, you need to install an X11 server. The best X server for Windows is XMing, which you can download from http://www.straightrunning.com/XmingNotes/. There is at least one OpenSource alternative - you may get Cygwin on http://www.cygwin.com/ and install XFree86. You may also install Cygwin's OpenSSH and use ssh like on Linux. Cygwin's X11 server is not as good integrated in the Windows desktop as the commercial X11 servers and should only be installed by people who knows how to use a typical Linux, BSD or UNIX workstation. After starting your local X11 server, activate X11 forwarding in PuTTY:
After logging in on the server, you could start any X11 application and the ouput window should appear on your desktop. As on a real ssh, the traffic is tunneled and encrypted by PuTTY.
Key generation To get a password free access to the server, you need to create ssh-keys. PuTTY delivers a nice application called PuTTYgen with do that:
You'll need to do several steps (NOTE: YOU PROBABLY DON'T WANT TO CREATE SSH1 AND SSH2DSA KEYS ANYMORE):
- Select SSH2RSA as Type of key
- Click generate
- Move the mouse until PuTTYgen has enough randomness
- Enter a passphrase twice
- Save public key as id_rsa.pub
- Save private key as id_rsa.ppk
Load your generated keys to the agent by double-clicking on the files with the hat:
When using PuTTY often, it would be the best to put a shortcut to this keyfiles in your Autorun-Group of the Startmenue.
Now activate Allow agent forwarding in PuTTY's configuration:
Login to your server and type in the following command:
beat@paris:~$ cd .ssh/ beat@paris:~/.ssh$ ssh-add -L > authorized_keys
You should be now able to login without entering a password.