A great feature of SSH is the ability to log in using public/private key encryption, rather than just simple passwords.
The way this works is that each server and client creates a public and a private key. Then, you copy the public key of the client you wish to authorise into the authorized_keys file of the server you are logging on to. When you attempt to log in, your SSH client will create a signature using your private key which the server will then decrypt using the public key and you’re in. 🙂 Easy. (More details here.)
Because your keys should be encrypted, this doesn’t remove the need to enter a password when you use the key. To do that, you need to use Paegant – a free accompaniment to Putty in Windows – which will ask for your passphrase once and then use it to open sessions to your heart’s content.
To get this working, you:
- Generate the key pair on the client using PuttyGen. Specify a decent passphrase for your private key.
- Copy the public key to the clipboard or export to a file
- On the server, for the user you are planning to log in as, go to ~/.ssh/ and edit the authorized_keys (or authorized_keys2) file
- Paste in the public key RSA string
- In Putty, for the server connection, add the username to the Connection > Data > Auto-login username field, and the path to the private key file Connection > SSH > Auth > Private key… field.
For the iPhone iSSH app, the app has a generate public key function. With that you can follow the same instructions to authorise the key and it will work from your iPhone as well. Sweet!