KB Putty - Puttygen, Paegent, Key Forwarding - SSH

KB Putty - PuTTYgen, Paegent, Key Forwarding - SSH

SSH Client Generate Key Open PuTTYgen In PuTTYgen, click 'Generate; Once key is generated: Using PuTTY SSH-Agent 'Paegent' Connect via SSH using Key Forwarding If accessing CENPA server from CENPA or Physics. If accessing CENPA server from OUTSIDE CENPA or Physics IP. Turn on Key forwarding before connecting to gateway Connect to Gateway.

SSH Client

To access SSH servers using Windows operating system, install PUTTY:http://www.chiark.greenend.org.uk/~sgtatham/putty/

You can also use Tera Term Pro or similar SSH clients - see https://www.washington.edu/itconnect/security/tools/

Generate Key

Open PuTTYgen

In PuTTYgen, click 'Generate; Move around the mouse (randomizing) as instructed Once key is generated:

* Suggested that you accept default 'Type of key' Parameters (e.g. SSH-2 RSA 1024 bits) * You can increase the bit count safely, SSH-2 is required for Key forwarding.

1. Enter password for key (you will be asked for this password whenever you load key). This ensures that if you happen to lose your key or it is stolen, it cannot be used.

2. Confirm Password

3. Save Private key (suggested filename: id_rsa.ppk)

4. Save Public Key (suggested filename: id_rsa.pub)

5. Your public key is listed. You can copy/paste and add to email request or send the id_rsa.pub Using PuTTY SSH-Agent 'Paegent'

1. Load Paegent from Start-Putty-Pagent and select 'Add Key' a. Browse for your key (e.g. id_rsa.ppk) b. Enter your password for key. This is the same password you created when generating your key. c. If your key successfully loads you will see the following:

Connect via SSH using Key Forwarding

If accessing CENPA server from CENPA or Physics.

For added security, some CENPA servers are only visible from CENPA or Physics IPS. Generally if you are connected to the UW network you can access server directly. If accessing CENPA server from OUTSIDE CENPA or Physics IP.

Since many CENPA servers are only accessible from CENPA, UW and Physics IPs, you might need to a gateway.

UW staff and faculty can use: homer.u.washington.edu UW students can use: dante.u.washington.edu

If you do not have access to either gateway, contact Gary Holman ([email protected]) to use CENPA gateway.

Turn on Key forwarding before connecting to gateway Connect to Gateway. You can test SSH key forwarding on gateway via

echo $SSH_AUTH_SOCK

Once you gain access to gateway terminal, connect to CENPA server: ssh marie.npl.washington.edu