Logo
Practical purpose of this demonstration

Establish a connection via SSH, either using a password, or using a pair of encryption keys.

1. Connection with password

To connect to a server with the native Windows 10 client, type:

ssh username@server-address

There are other famous SSH clients as indicated in section Alternatives for SSH clients. But the native Windows 10 client will probably be enough for what you need to do.

When it is the first access you need to inform that you trust the remote computer’s identity by answering yes, as indicated in Figure 1.

image 001
Figure 1. Confirmation on first access to remote computer

By doing this, the public computer’s encryption key is stored in the ~/.ssh/know_hosts file at the local computer.

If this file is deleted or the line containing the remote computer’s public key is removed, then the confirmation message will be displayed again.

Then you enter your password, and that’s it. Connected!

2. Connection with encryption keys

Another form of authentication is to let the target computer know the source computer. In this case we create a pair of encryption keys on the source computer with the command ssh-keygen. Run and press Enter until done, as shown in Figure 2.

image 002
Figure 2. Standard execution of the "ssh-keygen" command

If you run the ssh-keygen command again, by default (by pressing Enter until the end) it does not overwrite previously generated keys. But if you specify that you want to do this, you will lose any access to services that depended on those keys. It is an irreversible operation.

As also indicated in Figure 2, a pair of files are generated. We are interested in this demonstration in the public file id_rsa.pub. The private id_rsa file must be kept safe and never shared.

image 003
Figure 3. Content of the file "id_rsa.pub"

Then, we send the contents of the file id_rsa.pub, as exemplified in Figure 3, to the destination computer, the server. This content must be added to the ~/.ssh/authorized_keys file. If it does not exist, it must be created.

As shown in Figure 3, the content of the public encryption key is short text that you can copy using the mouse and the combination of type or cat commands to display and echo to write.

But if you are without a mouse, you may prefer to copy the file directly with the scp command and then add the key to the authorized_keys file:

Command on the source computer:

  • scp ~/.ssh/id_rsa.pub username@server-address:~/.ssh

Command on the destination computer:

  • cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

From now on, both your computer knows the server and the server knows your computer. Each computer has the public key of the other.

Make a new connection attempt and you’re done. Connected using keys without having to enter authentication data.

3. Alternatives for SSH clients

Name License Download

PuTTY

free; open-source

http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

SuperPutty

free; open-source; based on PuTTY

https://github.com/jimradford/superputty

PuTTY Tray

free; open-source; based on PuTTY

https://puttytray.goeswhere.com/

KiTTY

free; open-source; based on PuTTY

http://www.9bis.net/kitty/

MobaXterm

free; paid Pro version available

http://mobaxterm.mobatek.net/

SmarTTY

free

http://smartty.sysprogs.com/

Dameware SSH client

free; paid options available

http://www.dameware.com/free-ssh-client-for-windows.aspx

mRemoteNG

free; open-source

http://www.mremoteng.org/

Terminals

free; open-source

https://terminals.codeplex.com/

Secure Shell App

free; Chrome Addon

https://chrome.google.com/webstore/detail/pnhechapfaindjhompbnflcldabbghjo

4. Video demonstration

https://youtu.be/KeF9I7zMMMw

Hasta la vista.