Differences
This shows you the differences between the selected revisions of the page.
| guide_public_key 2015-02-26 | guide_public_key 2025-02-07 (current) | ||
| Line 1: | Line 1: | ||
| ====== Set up SSH public key authentication ====== | ====== Set up SSH public key authentication ====== | ||
| - | //This guide contains description of setting up public key authentication for use with WinSCP. You may want to learn more about [[public_key|public key authentication]] or [[ssh_keys|SSH keys]] instead//. | + | //This guide contains a description of setting up public key authentication for use with WinSCP. You may want to learn more about [[public_key|public key authentication]] or [[ssh_keys|SSH keys]] instead//. | 
| ===== Before Starting ===== | ===== Before Starting ===== | ||
| Line 8: | Line 8: | ||
| * [[guide_connect|Know how to connect to the server without public key authentication]]. | * [[guide_connect|Know how to connect to the server without public key authentication]]. | ||
| - | ===== Generate Key Pair ===== | + | ===== [[generate]] Generate Key Pair ===== | 
| If you do not have a key pair yet, start with [[public_key#generate|generating new key pair]]. | If you do not have a key pair yet, start with [[public_key#generate|generating new key pair]]. | ||
| - | ===== Configure Server to Accept Public Key ===== | + | ===== [[server]] Configure Server to Accept Public Key ===== | 
| Connect to your SSH server using WinSCP with the %%SSH%% protocol, using other means of authentication than public key, e.g. typically using password authentication. | Connect to your SSH server using WinSCP with the %%SSH%% protocol, using other means of authentication than public key, e.g. typically using password authentication. | ||
| - | Once logged in, configure your server to accept your public key. That varies with SSH server software being used. The most common %%SSH%% server is OpenSSH. | + | Once logged in, configure your server to accept your public key. That varies with %%SSH%% server software being used. The most common %%SSH%% server is OpenSSH. | 
| - | ==== OpenSSH ==== | + | ==== [[configure_openssh]] OpenSSH ==== | 
| - | ··* Navigate into a ''.ssh'' subdirectory of your account home directory. You may need to enable [[ui_pref_panels#common_options|showing hidden files]] to see the directory. If the directory does not exists, you need to [[task_create_directory|create it]] first. | + | You can use //Session (Tabs) > Install Public Key into Server// command on the main window, or //Tools > Install Public Key into Server// command on //[[ui_login_authentication|SSH > Authentication page]]// page on Advanced Site Settings dialog. The functionality of the command is similar to that of [[&man_ref(1,ssh-copy-id)|OpenSSH ''ssh-copy-id'' script]].((WinSCP also has a [[commandline#copyid|command-line equivalent]].)) | 
| + | |||
| + | Or you can configure the key manually: | ||
| + | |||
| + | ··* Navigate into a ''.ssh'' subdirectory of your account home directory. You may need to enable [[ui_pref_panels#common|showing hidden files]] to see the directory. If the directory does not exist, you need to [[task_create_directory|create it]] first. | ||
| * Once there, open a file ''authorized_keys'' for [[task_edit|editing]]. Again you may have to create this file, if this is your first key. | * Once there, open a file ''authorized_keys'' for [[task_edit|editing]]. Again you may have to create this file, if this is your first key. | ||
| - | * Switch to the [[ui_puttygen|PuTTYgen]] window, select all of the text in the //[[ui_puttygen#authorized_keys|Public key for pasting into authorized_keys file]]// box, and copy it to the clipboard (''Ctrl+C''). Then, switch back to the editor and insert the data into the open file, making sure it ends up all on one line. Save the file. | + | * Switch to the [[ui_puttygen|PuTTYgen]] window, select all of the text in the //[[ui_puttygen#authorized_keys|Public key for pasting into OpenSSH authorized_keys file]]// box, and copy it to the clipboard (''Ctrl+C''). Then, switch back to the editor and insert the data into the open file, making sure it ends up all on one line. Save the file. WinSCP can [[ui_login_authentication#private_key_tools|show you the public key]] too. | 
| * Ensure that your account home directory, your ''.ssh'' directory and file ''authorized_keys'' are not group-writable or world-writable. Recommended permissions for ''.ssh'' directory are ''700''. Recommended permissions for ''authorized_keys'' files are ''600''. Read more about [[task_properties|changing permissions]]. | * Ensure that your account home directory, your ''.ssh'' directory and file ''authorized_keys'' are not group-writable or world-writable. Recommended permissions for ''.ssh'' directory are ''700''. Recommended permissions for ''authorized_keys'' files are ''600''. Read more about [[task_properties|changing permissions]]. | ||
| + | |||
| + | ==== OpenSSH on Windows ==== | ||
| + | |||
| + | There are some specifics when setting up the [[guide_windows_openssh_server#key_authentication|public key authentication on OpenSSH server on Windows]]. | ||
| ==== ssh.com ==== | ==== ssh.com ==== | ||
| Line 31: | Line 39: | ||
| For other %%SSH%% server software, you should refer to the manual for that server. | For other %%SSH%% server software, you should refer to the manual for that server. | ||
| - | ===== Configure WinSCP Session ===== | + | ===== [[winscp]] Configure WinSCP Session ===== | 
| When configuring session, specify path to your private key on //[[ui_login_authentication|SSH > Authentication page]]// of Advanced Site Settings dialog. | When configuring session, specify path to your private key on //[[ui_login_authentication|SSH > Authentication page]]// of Advanced Site Settings dialog. | ||
| Alternatively, load the private key into [[ui_pageant|Pageant]]. | Alternatively, load the private key into [[ui_pageant|Pageant]]. | ||
| + | |||
| + | ===== Public Key Authentication in Clouds ===== | ||
| + | |||
| + | Cloud providers have typically their own mechanism to setup a public key authentication to virtual servers running in the cloud. | ||
| + | |||
| + | For details see guides for connecting to: | ||
| + | |||
| + | * [[guide_amazon_ec2|Amazon EC2]]; | ||
| + | * [[guide_google_compute_engine|Google Compute Engine]]; | ||
| + | * [[guide_microsoft_azure|Microsoft Azure]]. | ||
| ===== Further Reading ===== | ===== Further Reading ===== | ||
| - | * [[public_key|Using Public Keys for Authentication]]; | + | * [[public_key|*]]; | 
| - | * [[ui_puttygen|Using PuTTYgen]]; | + | * [[ui_puttygen|*]]; | 
| - | * [[ssh_keys|Understanding SSH Key Pairs]]. | + | * [[ssh_keys|*]]. |