Loren SSH Key Setup and Use
First, generate an SSH Key on your local client machine.
On a PC
Using command prompt (cmd):
On your Local PC: Open a command prompt and run the following command:
ssh-keygen
On your Local PC: This should create a public/private rsa key pair. You will be prompted for a location in which to save your key pair. The default will be
C:\Users\<your_computer_acct>\.ssh\id_rsa
. This should be fine as long as you don't have other id_rsa files you use. (If you do, you may want to consider naming the file something else, like 'loren_rsa
' to distinguish it from other keys.). To use default (id_rsa), hit enter.On your Local PC: Leave the passphrase empty unless you prefer to have one. (You will need to enter this every time you ssh to Loren if you create one).
On your Local PC: Change directories to your
C:\Users\<your_account>\.ssh
on your local computer/client with the cd command. Example:cd C:\Users\<your_account>\.ssh
.On your Local PC: View the content of your public key with the following command where
id_rsa.pub
is the public key file:type id_rsa.pub
On your Local PC: Copy the contents of your public key file, then connect via ssh into loren normally with your normal credentials. Ex:
ssh <username>@loren.uwyo.edu
At this point, in the cmd prompt, you are on Loren. You can determine “where” you are based on your prompt. If you are on loren, you’re prompt will reflect that with:[your_username@lorenlog1 ~]$
On Loren: Once logged into Loren, you should automatically be logged in on your profile and your current directory should be your home directory by default unless you change it in your configurations. Unless you’ve already created one previously, you will not have a .ssh directory on Loren, so you will need to create it. You may do that with
mkdir ~/.ssh
On Loren: Once your .ssh directory is created, change directories to your .ssh directory on Loren with:
cd ~/.ssh
On Loren: Here we will want to create a new file called
authorized_keys
. On Loren, we can do this with the following command in vim which will create an empty file, in which we can add content:vim authorized_keys
. This puts us into a text editor and empty file.On Loren: Hit the
i
button on your keyboard to insert text into the file.On Loren: Paste the content of your public key from your local computer to the file on Loren by hitting
ctrl+p
on your windows keyboard.On Loren: Save content by hitting
Esc
on your keyboard, then type:wq!
into the bottom of the file (which signifies we’re writing the content and then quitting the program) thenEnter
on your keyboard.On Loren: Now set the permissions for the file to only be readable with the following command:
chmod 600 authorized_keys
On Loren: Now get out of the folder by running cmd:
cd ..
On Loren: Lastly, we want to update permissions for our .ssh folder so it’s only writable by us:
chmod 755 .ssh
Using Putty:
On your Local PC: Launch PuttyGen by typing it into your windows start menu search box. You should be presented with the following screen:
On your Local PC: Click Generate to generate a public/private key pair. You’ll be prompted to move your mouse to introduce randomness to create the key. Do that. Once the key is created, click “Save public key” and “Save Private Key”. Note where you save each file.
On your Local PC: Copy the content of the SSH public key in the text box underneath Public Key for pasting into OpenSSH authorized_key file.
On your Local PC: SSH into loren normally, with your normal credentials. Ex:
ssh <username>@loren.uwyo.edu
At this point, in the cmd prompt, you are on Loren. You can determine “where” you are based on your prompt. If you are on loren, you’re prompt will reflect that with:[your_username@lorenlog1 ~]$
On Loren: Once logged into Loren, you should automatically be logged in on your profile and your current directory should be your home directory by default unless you change it in your configurations. Unless you’ve already created one previously, you will not have a .ssh directory on Loren, so you will need to create it. You may do that with
mkdir ~/.ssh
On Loren: Once your .ssh directory is created, change directories to your .ssh directory on Loren with:
cd ~/.ssh
On Loren: Here we will want to create a new file called
authorized_keys
. On Loren, we can do this with the following command in vim which will create an empty file, in which we can add content:vim authorized_keys
. This puts us into a text editor and empty file.On Loren: Hit the
i
button on your keyboard to insert text into the file.On Loren: Paste the content of your public key from your local computer to the file on Loren by hitting
ctrl+p
on your windows keyboard.On Loren: Save content by hitting
Esc
on your keyboard, then type:wq!
into the bottom of the file (which signifies we’re writing the content and then quitting the program) thenEnter
on your keyboard.On Loren: Now set the permissions for the file to only be readable with the following command:
chmod 600 authorized_keys
On Loren: Get out of your .ssh folder so we can make changes to it’s permissions by typing
cd ..
On Loren: Lastly, we want to update permissions for our .ssh folder so it’s only writable by us:
chmod 755 .ssh
On your Local PC: Open Putty. You should be taken straight to a Putty configuration screen.
On your Local PC: Configure your session in Sessions and enter loren.uwyo.edu as the Host name leaving default ports and SSH as the connection type.
On your Local PC: Go to Connection->Data and under Auto-login username type in your username for Loren (usually this is the same as your UWYO username)
On your Local PC: Go to Connection->SSH->Auth->Credentials. You will be presented with this screen:
On your Local PC: Browse to the private key file for authentication. (If you created it in the default location this will be at
C:/Users/<your_username>/putty.ppk
).On your Local PC: Now go to SSH->X11 and Enable X11 Port Forwarding.
On your Local PC: Go back to sessions and save this session configuration with a name you’ll remember and click the Save button.
On your Local PC: Click Open to begin your session with the server. If you saved your SSH private key with a passphrase, you will now be prompted to enter that passphrase. An alert displays indicating that the server’s host is not cached. Click Yes, to continue the connection.
On your Local PC: You should no longer be prompted for a password if this was configured correctly.
On a Mac using terminal:
Open up a terminal window, and navigate to your ssh folder with:
cd ~/.ssh
create a new ssh private key with
vi loren_rsa
.This will open the Vi file editor and create a new file named
loren_rsa
in which you can paste the private key that you copied from Loren.Hit
cmd+p
to paste the contents of your private key into the new file.Once pasted, hit the
esc
key to exit out of file editing.Then type
:wq!
and hit yourreturn
key to write the contents and close out of the file editor.Lastly, update the permissions for your new file so it may only be read/written to by you with the command:
chmod 600 loren_rsa
Once this is completed, close out of your terminal window and open a new terminal window to test your ability to log in.
Assuming mac terminal opens by default in your home folder (~) the command to log into Loren using your private key would be:
ssh <your_username>@loren.uwyo.edu -i .ssh/loren_rsa
If it worked, you will be logged into Loren automatically, and will not be prompted for a password, nor your first factor, and second factor authentication for login.
Configure access in MobaXTerm:
Click on Sessions and choose “new session”. This will bring up a new session window.
Choose SSH for session type.
Under basic SSH settings, put in:
Remote host *: loren.uwyo.edu
Specify your Username: (check the box and use your default username if applicable, or type in your Loren username as shown below):
Under the “Advanced SSH settings” tab, check the box to ”Use private key” as indicated in the screenshot above, and click the file icon to browse your files and direct to the location in which your
loren_rsa
file was saved. When everything looks right, click OK.If you’ve configured everything correctly, the session will execute and you will be logged into Loren in the new session without having to enter your Loren Username/Password and 2 Factor code and the session should be listed in your quickconnect sessions.
Configure access in PuTTY:
Open your start menu and type in ‘puttygen’ to bring up the Putty Key Generator application. This will bring up a new window. Choose the option to load an existing private key file. In the file location textbox, type in
C:\Users\<your username>\.ssh
Then to populate all file types, change the file type drop down from putty private key files (*.ppk) to 'All Files':
configure the loren_rsa key you created earlier by clicking Open.
A confirmation displays after PuTTYgen successfully imports the private key. Click OK to dismiss the message.
If you prefer to have a password associated with the use and login on your private key, Enter a unique key passphrase in the Key passphrase field, then enter the same passphrase again in the Confirm passphrase field. You will be prompted for this passphrase whenever you log into Loren with this SSH key. If you don’t want a password, leave this blank and continue.
Click Save private key, then make sure the name is wi_rsa to save it for use with PuTTY. (Note: It’s usually recommended to keep the default settings in the PuTTY key authentication configuration).
Log into PuTTY using your SSH private key:
Enter the name for the session if you don’t have one already, and click Save. (Note: While you may use any name you wish, this example names the connection based on the Loren hostname/address).
Click Connection > Data in the left navigation pane and set the Auto-Login username to your Loren Username.
Click Connection > SSH > Auth > Credentials in the left navigation pane and configure the SSH private key to use by clicking Browse under Private key file for authentication field.
Navigate to the
C:\Users\<you>\.ssh
file location on your windows computer where you saved your SSH private key file. Select it and click Open. The file path for the SSH private key file should now display in the Private key file for authentication field.Click Session in the left navigation pane, then click Save in the Load, save, or delete a stored session section.
Click Open to begin your session with the server. If you saved your SSH private key with a passphrase, you will now be prompted to enter that passphrase. An alert displays indicating that the server’s host is not cached. Click Yes, to continue the connection.