Sunday, December 30, 2012

Using WinSCP

This is part 4 of the No Plain Text Passwords series and is about using WinSCP.

Transcript

OK, so what we’re basically going to do now is create a directory that we’re going to put our key in. So all you have to do in WinSCP is go to F7 down here create directory. Make sure that you’re on the server side not your local side. (You can tell by the color change).


So create directory or hit F7. We’re going to call this dot SSH. We’re going to set our permissions. Make sure that you set the executable bit or the exbit. That makes it so that the directory is visible. I don’t want to get into the whole thing about Unix permissions but you can take the R off of the others and you could actually group. It doesn’t matter in this case but you can leave it at 750 (so put the “x” there).

So we create that. Then we’re going to go into that file and you’ll see there’s nothing there. So what we’re basically going to do is create a file. And the way you do that you can either right mouse click and get to new file or do the short-cut again shift F4. So that’s going to come up with our name. We’ll call it “authorized keys” (and see that’s going to pop up a local editor). So basically what we have to do is go to our putty key gen and we’ll go back here to start. (I’ll show you in case you closed it. Go to putty, go to puttygen and load the key.) So we use the new private key. It’s going to ask you for your new password. And you’ll notice now that this is all filled in. (So this is what we need. So we’ll highlight this box. Notice it says public key for pasting and to open as says it’s authorized underscore keys files. So that’s what we’re making).

The easiest way to do this is to right click and hit copy. Then we can close that. We don’t need it anymore. And on the putty you can either hit control V which is the shortcut or you can just hit the clipboard and it’ll paste it in there.

So the trick here is it’s like a file editor but it’s not really. It’s not really made for that. It’s just for quick down and dirty stuff. So hit this little button far to the left called close editor and it’s going to ask if you want to save it. Now that saves it on the server. Not on your local machines. So it does exactly what you want it to do. So we’ll hit yes.

And then it’s up and ready to go. So now our authorized keys are there.

Password free logins with WinSCP and PuTTY

So let’s see what happens now. If we log out of closed WinSCP, we’ll terminate it, yeah. Now we’ll go back and go to WinSCP again, and it’ll open but this time we’ll actually start a new session and we’ll call it my server name because that’s your host name. This time wwwdash or again whatever yours happens to be. We’re leaving everything the same. We can say save it. We can save this session as whatever. (I’ll leave it for this. You can put a name in it if you want).



So now what we have to do is basically just log in. And you’ll notice boom it came right up. But if you were quick you could see that I authenticated it against the key. So I didn’t have to type anything. The only thing you have to remember is that if you shut your machine down, the putty P agent in putty does not stay resident. It won’t automatically load itself and it’s done that way for security reasons.

So you know, when you’re about to do FTP or whatever just make sure that you go to putty P agent and click it. Don’t worry if it … it’s already loaded it’ll tell you. So you don’t have to worry. So once it is there, you can see how easy that is.

So once again I’ll do it. So we go to programs WinSCP, because I’m going to do some editing now. We’ll go to my program. We just hit log-in. It connects, authenticate it. Boom zero to do.

And as a side note I’ll add that the same technique works for putty. If you happen to have route access or at least access to your server we can do a very similar thing. We’ll just create a new one. (Instead twenty-two, we’ll call this the same whatever you want to call it. But if you have a server name you can call it that). And for connections, things get a little bit more crazy but for SSH I always say two only because SSH one was a little insecure. There’s a bug in it. Unless somebody tells you you have to use it, don’t use it.

So we have our session, we can save that in our connection. (You can actually keep it rolling. Data, you know, your telnet which we’re not going to use. You may have to change the translation. It depends on your server). But all these things are really for another day. I just basically want to show you that you can do this once and be done. And so again it’s going to say that the server’s key isn’t in the system. But now it is. We’ll log-in as myself and it’ll authenticate it; so that gives you a better idea what WinSCP is showing as well.

Authenticating with public key, my key from this machine, blah blah blah, that’s all logged and now I’m ready to go.

OK I hope that helps and that should make your life much better. And a lot more secure.

Comments are also appreciated.

No comments:

Post a Comment