Generating SSH Keys on Windows

I recently had the privilege of working with one of the Internet Archive’s Virtual Machines for Researchers. 

More information about this resource is available at http://blog.archive.org/2013/07/04/how-to-use-the-virtual-machine-for-researchers/.  The "How To Get An Account" section found at that link details how to generate a SSH key, have it added to the virtual machine, and log in.  Unfortunately, it assumes the user is working on a *NIX system, and provides no guidance for performing those steps on a Windows system.  As I generally work in Windows, and generating SSH keys is not something that I do everyday, I recorded the steps and now offer them here for whoever might find them useful.

These instructions are specifically for gaining access to the Internet Archive virtual machines, but should be applicable to any situation that calls for the generation and use of a SSH key.

Generate SSH Keys on Windows

1) Follow the links on http://www.putty.org/ to download the full PuTTY Windows installation package (not just the individual binaries). PuTTY is a Telnet and SSH client for Windows.  The full installation includes PuTTYgen, which is a utility for generating SSH keys.

2) Install PuTTY.

3) Run the PuTTYgen utility. 

4) Ensure that "SSH-2 RSA" is selected as the type of key to generate. 

5) Set the number of bits in a generated key to 2048.

Image

6) Click the "Generate" button.  Here is how the PuTTYgen documentation (http://the.earth.li/~sgtatham/putty/0.63/htmldoc/Chapter8.html#pubkey-puttygen) describes what happens next:

First, a progress bar will appear and PuTTYgen will ask you to move the mouse around to generate randomness. Wave the mouse in circles over the blank area in the PuTTYgen window, and the progress bar will gradually fill up as PuTTYgen collects enough randomness. You don’t need to wave the mouse in particularly imaginative patterns (although it can’t hurt); PuTTYgen will collect enough randomness just from the fine detail of exactly how far the mouse has moved each time Windows samples its position.

When the progress bar reaches the end, PuTTYgen will begin creating the key. The progress bar will reset to the start, and gradually move up again to track the progress of the key generation. It will not move evenly, and may occasionally slow down to a stop; this is unfortunately unavoidable, because key generation is a random process and it is impossible to reliably predict how long it will take.

When the key generation is complete, a new set of controls will appear in the window to indicate this.

Image(1)

The new controls that appear after the key generation completes allow you to enter a comment and passphrase, and save the private/public keys to files.

7) Replace the default "Key comment" with "{username}@researcher0.fnf.archive.org", where username is the name that you would like to use to login to the VM.

8) Replace the "Key passphrase" with the passphrase or password to use when logging in.  Repeat the passphrase/password in the Confirm Passphrase box.

9) Click the "Save public key" button.  Select a location for the file and supply a filename that is something like "id_rsa.{username}@researcher0.fnf.archive.org.pub", again replacing {username} with the username that you will be using to login to the VM.

10) Click the "Save private key" button.  Select a location for the file and supply a filename that is something like "id_rsa.{username}@researcher0.fnf.archive.org", again replacing {username} with the username that you will be using to login to the VM.  PuTTYgen will give the file a ppk extension.

11) In the same location as the previous two key files, create and open a new file named "id_rsa.{username}@researcher0.fnf.archive.org", again replacing {username} with the username that you will be using to login to the VM.  Back in PuTTYgen, copy the contents of the "Public key for pasting into OpenSSH authorized_keys file" box, and paste it into the newly created file.  Save and close the file.

12) Forward the file created in step 11 to the appropriate Internet Archive representative so that a user account can be created and your public key can be added to the server.

Use SSH Keys To Log On

1) Run  PuTTY

Image(2)

2) Enter the name or IP Address of the machine to which you will be connecting in the "Host Name" box.

3) Expand the SSH branch of the "Category" treeview, and select "Auth".

Image(3)

4) Click the "Browse" button next to the "Private key file for authentication" text box, and select the private key file that you generated.  In the example above, the key file was named "id_rsa.{username}@researcher0.fnf.archive.org.ppk".

5) Click the "Open" button to initiate a connection to the host.  To complete the login, enter the username and password that you supplied when generating the SSH keys.

Advertisements

One Response to Generating SSH Keys on Windows

  1. Pingback: How to use the Virtual Machine for Researchers | Internet Archive Blogs

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: