In the section “Key-Based Authentication Using PuTTY” in Chapter 4, you reviewed how PuTTY can effectively be used for key-based authentication for a Windows-based client. What about key-based authentication for Linux-based clients? The answer is PuTTY again.

You can download the Linux-based version of PuTTY from various sources. I used rpm (Red Hat Package Manager, a package management system used for software distribution in Linux domain) for the latest PuTTY version (0.63) for CentOS 6.2; the file is putty-0.63-1.el6.rf.x86_64.rpm. You can download the rpm from various sources; you just need to search for your operating system. After you download the file, install the rpm:

rpm -Uvh putty-0.63-1.el6.rf.x86_64.rpm

To generate a pair of private and public keys in the Linux version of PuTTY, you use a command line utility called PuTTYgen, which is installed automatically when you install PuTTY via rpm. To generate the key pair, use the following command:

puttygen -t rsa -C "my key pair" -o bcl.ppk

PuTTYgen then prompts you to enter a passphrase. Make a note of it, because you will need to specify the same passphrase every time you use the key pair to connect to a host.

You can save the key in your home directory (easy to remember the location) and then export the public key to the authorized_keys file using the following command:

puttygen -L bcl.ppk >> $HOME/.ssh/authorized_keys

Next, copy the authorized_keys file to hosts you need to connect to (using PuTTY). Note that if your host already has an authorized_keys file in the $HOME/.ssh directory, then copy your newly created file using a different name and append its contents to the existing authorized_keys file.

Next, invoke PuTTY at the command prompt by typing putty. The interface looks identical to its Windows-based counterpart (Figure B-1).

For connecting to a server, click the option SSH to open the drop-down and then click the option Auth (authorization) under that. On the right side of the PuTTY interface, click Browse and select the private key file you saved earlier (/root/bcl.ppk in this example). Click Open to open a new session.

That’s it! You are now ready to use PuTTY with key-based authentication! Figure B-2 shows the login prompt and the prompt for a passphrase.

Using SSH for Remote Access

You can also use SSH to connect remotely to a host. If you want to use a key pair for authentication with SSH, you first need to use a utility called ssh-keygen to generate the keys. By default, the keys are saved in the $HOME/.ssh directory as files id_rsa (private key) and id_rsa.pub (public key). Figure B-3 shows a key pair generated in the default location without a passphrase (you can specify a passphrase for additional security).

The public key can be copied to appropriate hosts and appended to the existing authorized_keys file in $HOME/.ssh directory. To use the private key file to connect to a host, use the syntax:

ssh -i ~/.ssh/id_rsa root@Master

Here, root is the user and Master is the server to which you are trying to connect.

In case you have multiple hosts and you want to organize the process of connecting to them, you can create host entries in a file called config in directory $HOME/.ssh. The entries are created using the following format:

Host Master
User root
HostName Master
IdentityFile ~/.ssh/id_rsa

Then, you can simply connect as:

ssh -f -N Master