This is an old revision of the document!
Set up public key authentication
This guide contains description of setting up public key authentication for use with WinSCP. You may want to learn more about public key authentication instead.
Before starting you should:
Advertisement
Generate Key Pair
If you do not have a key pair yet, start with generating new key pair.
Configure Server to Accept Public Key
Connect to your SSH server using WinSCP with the SSH protocol, using other means of authentication than public key, e.g. typically using password authentication.
Once logged in, configure your server to accept your public key. That varies with SSH server software being used:
OpenSSH
Navigate into the .ssh
subdirectory of your account home directory. You may need to enable showing hidden files to see the directory. If the directory does not exists, you need to create it first.
Advertisement
Once there, open the file authorized_keys
for editing1. Again you may have to create this file if this is the first key you have put in it.
Then switch to the PuTTYgen window, select all of the text in the Public key for pasting into authorized_keys file box, and copy it to the clipboard (Ctrl+C
). Then, switch back to the editor and insert the data into the open file, making sure it ends up all on one line. Save the file.
ssh.com
Save a public key file from PuTTYgen, and copy that into the .ssh2
subdirectory of your account home directory. In the same subdirectory, edit (or create) a file called authorization
. In this file you should put a line like Key mykey.pub
, with mykey.pub
replaced by the name of your key file.
Other SSH Servers
For other SSH server software, you should refer to the manual for that server.
Permissions
You may also need to ensure that your account home directory, your .ssh
directory, and any other files involved (such as authorized_keys
, authorized_keys2
or authorization
) are not group-writable or world-writable.
Read more about changing permissions
Configure WinSCP Session
When configuring session, specify path to your private key on Session tab of Login dialog.
Alternatively, load the private key into Pageant.
Further Reading
- In earlier versions of OpenSSH 2 the file might be called
authorized_keys2
.Back