Archive for the ‘SSH’ Category

h1

RSA2/DSA key access from PuTTY to a *NIX OpenSSH server

May 1, 2009

If you want to access to your *NIX server using PuTTY in Windows, you just should follow the next steps to create a secure access using RSA/DSA public key infrastructure.

1) The first thing is configuring our openSSH server in the “/etc/ssh/sshd_config” file and modifying some configuration fields

  • Protocol 2
  • RSAAuthentication yes
  • PubkeyAuthentication yes
  • AuthorizedKeysFile      %h/.ssh/authorized_keys

Reload the ssh daemon. /etc/init.d/ssh reload

2) Get the PuTTY Key Generator (Just typing it in google) and generate a RSA2/DSA public and private keys. Save them in a folder, and copy the text with Ctrl+C or in a file. This is your public key in openSSH format (The format which uses the ssh daemon)

It would be a good idea protect our private key with a passphrase, at least, if we’ll use the remote access in a public place like an office. Maybe you must try PuTTY PageAgent to manage your keys, but this is another bussiness 😛

3) Paste the text in your server in you “$home/.ssh/authorized_keys” of the user that you want to authenticate with RSA/DSA. (I suppose that “public_key” file contains the text generated by PuTTY)

  • cat public_key >>$home/.ssh/authorized_keys

4) Now, just open PuTTY and load your private key

5) Just login in the server as usual, and you should be logged in without typing your password. You must be type the keyphrase if you had set it in the  2nd step.

Regards, and be careful with your private key file 😎

h1

Setting up a SSH tunnel

July 22, 2007

Hi again!

If we need a through our LAN to use, for example, a protocol which it’s locked by a BOFH 😉 or send some personal data through a insecure protocol, we would use a SSH Tunnel using a SSH client like PuTTy (On win32) or openSSH (*NIX systems).

Ok, We’re in a LAN which 80 port it’s closed and that really sucks!. We’ve the IP of a server without restriction over the 80 port. Then, we’re going to do a tunnel with this server and send the 80 port data encrypted through the SSH port (I suppose this port is open! [Default port 22]).

We must open PuTTy and go to this screen

 After this, we must connect to the server

When we’re connected to the server, we must login in and the tunnel has been stablished 😀

Ok, now we need to say to the internet browser that it needs to connect through the Tunnel, to this, open your favourite browser (Firefox 4ever ;’) ) and open the connection settings. A window like this will be opened.

 If you’ve made all the steps, your SSH Tunnel are running now :D.