The reason I use public/private key pair with putty is for convenience. I don't need to send my password every time. I just click on a MS Windows icon that has the command "putty [EMAIL PROTECTED]" to get a logged on ssh session.
The public/private keypair also helps with controlling multiple systems from a shell script. The script can issue "ssh [EMAIL PROTECTED] somecommand" and not worry about storing passwords.
My private key is loaded into the pageant from the putty package. Also my public key is kept in $HOME/.ssh/authorized_keys. From Linux and cygwin you can also do this with ssh-agent and ssh-keygen.
There are warnings in putty about using pageant, if ssh/putty client computer could be accessed, it might be possible to get your private key from memory allocated to pageant/ssh-agent or its swap file.
From: "McKown, John" <[EMAIL PROTECTED]> Reply-To: Linux on 390 Port <[email protected]> To: [email protected] Subject: Really silly SSH question. Date: Thu, 14 Apr 2005 13:11:13 -0500
Just for grins and giggles, I created an SSH private key/public key pair. I can now use PuTTY to logon to Linux without using my Linux password. Instead, I must use a "Passphrase". What have I gained? I did replace my password with a passphrase, but how is that more secure? I don't see a way to say: "This passphrase must be used when doing an SSH from that incoming IP address." Am I missing something? (very likely). I could use a different private/public key for each server that I use SSH with, I guess. But I've only got one server, so far.
Oh well, it was a "learning experience", I guess.
-- John McKown Senior Systems Programmer UICI Insurance Center Information Technology
This message (including any attachments) contains confidential information intended for a specific individual and purpose, and its' content is protected by law. If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this transmission, or taking any action based on it, is strictly prohibited.
---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
