I\'ve generated key pairs using PuTTYgen and been logging in using Pageant, so that I have to enter my pass-phrase only once when my system boots.
How do I achieve this in Linux? I\'ve heard of keychain
but I hear that it uses a different key pair format - I don\'t want to change my Windows keys and it would be nice if I could seamlessly connect in the same manner in both Windows and Linux.
puttygen
supports exporting your private key to an OpenSSH compatible format. You can then use OpenSSH tools to recreate the public key.
- Open PuttyGen
- Click Load
- Load your private key
- Go to
Conversions->Export OpenSSH
and export your private key
- Copy your private key to
~/.ssh/id_dsa
(or id_rsa
).
Create the RFC 4716 version of the public key using ssh-keygen
ssh-keygen -e -f ~/.ssh/id_dsa > ~/.ssh/id_dsa_com.pub
Convert the RFC 4716 version of the public key to the OpenSSH format:
ssh-keygen -i -f ~/.ssh/id_dsa_com.pub > ~/.ssh/id_dsa.pub
See this and this for more information.
If all you have is a public key from a user in PuTTY-style format, you can convert it to standard openssh format like so:
ssh-keygen -i -f keyfile.pub > newkeyfile.pub
References
- Source:
http://www.treslervania.com/node/408
- Mirror: https://web.archive.org/web/20120414040727/http://www.treslervania.com/node/408.
Copy of article
I keep forgetting this so I\'m gonna write it here. Non-geeks, just
keep walking.
The most common way to make a key on Windows is using Putty/Puttygen.
Puttygen provides a neat utility to convert a linux private key to
Putty format. However, what isn\'t addressed is that when you save the
public key using puttygen it won\'t work on a linux server. Windows
puts some data in different areas and adds line breaks.
The Solution: When you get to the public key screen in creating your
key pair in puttygen, copy the public key and paste it into a text
file with the extension .pub. You will save you sysadmin hours of
frustration reading posts like this.
HOWEVER, sysadmins, you invariably get the wonky key file that throws
no error message in the auth log except, no key found, trying
password; even though everyone else\'s keys are working fine, and
you\'ve sent this key back to the user 15 times.
ssh-keygen -i -f keyfile.pub > newkeyfile.pub
Should convert an existing puttygen public key to OpenSSH format.
Newer versions of PuTTYgen (mine is 0.64) are able to show the OpenSSH public key to be pasted in the linux system in the .ssh/authorized_keys
file, as shown in the following image:
Alternatively if you want to grab the private and public keys from a PuTTY formated key file you can use puttygen
on *nix systems. For most apt-based systems puttygen
is part of the putty-tools
package.
Outputting a private key from a PuTTY formated keyfile:
$ puttygen keyfile.pem -O private-openssh -o avdev.pvk
For the public key:
$ puttygen keyfile.pem -L
sudo apt-get install putty
This will automatically install the puttygen tool.
Now to convert the PPK file to be used with SSH command execute the following in terminal
puttygen mykey.ppk -O private-openssh -o my-openssh-key
Then, you can connect via SSH with:
ssh -v user@example.com -i my-openssh-key
http://www.graphicmist.in/use-your-putty-ppk-file-to-ssh-remote-server-in-ubuntu/#comment-28603
I recently had this problem as I was moving from Putty for Linux to Remmina for Linux. So I have a lot of PPK files for Putty in my .putty
directory as I\'ve been using it\'s for 8 years. For this I used a simple for
command for bash shell to do all files:
cd ~/.putty
for X in *.ppk; do puttygen $X -L > ~/.ssh/$(echo $X | sed \'s,./,,\' | sed \'s/.ppk//g\').pub; puttygen $X -O private-openssh -o ~/.ssh/$(echo $X | sed \'s,./,,\' | sed \'s/.ppk//g\').pvk; done;
Very quick and to the point, got the job done for all files that putty had. If it finds a key with a password it will stop and ask for the password for that key first and then continue.
It\'s probably easier to create your keys under linux and use PuTTYgen to convert the keys to PuTTY format.
PuTTY Faq: A.2.2
I think what TCSgrad was trying to ask (a few years ago) was how to make Linux behave like his Windows machine does. That is, there is an agent (pageant) which holds a decrypted copy of a private key so that the passphrase only needs to be put in once. Then, the ssh client, putty, can log in to machines where his public key is listed as \"authorized\" without a password prompt.
The analog for this is that Linux, acting as an ssh client, has an agent holding a decrypted private key so that when TCSgrad types \"ssh host\" the ssh command will get his private key and go without being prompted for a password. host would, of course, have to be holding the public key in ~/.ssh/authorized_keys.
The Linux analog to this scenario is accomplished using ssh-agent (the pageant analog) and ssh-add (the analog to adding a private key to pageant).
The method that worked for me was to use:
$ ssh-agent $SHELL
That $SHELL was the magic trick I needed to make the agent run and stay running. I found that somewhere on the \'net and it ended a few hours of beating my head against the wall.
Now we have the analog of pageant running, an agent with no keys loaded.
Typing
$ ssh-add
by itself will add (by default) the private keys listed in the default identity files in ~/.ssh .
A web article with a lot more details can be found here