Using Public Keys With Putty to Connect to WHM running on Linux
My cloud vps server must have updated the other day. I started receiving all sorts of messages/emails from it. Most of these were the standard brute force attack warnings. From Russia with love. And China. And Korea. Etc ad nauseum. One actually was troubling – something about my PERL files not matching the originals. Well, I’m no genius, but to me, that spells someone may have gotten in and modified a file for a little mischievous mayhem. Probably from Russia. Or China. Or Korea. The helpful email even gave me the line to run to clean up the system files. So why not? It’s Sunday am (early) and if there’s a good time to do it, it would be right now.
Now, the next problem is to get into the server. And we’re going to need some SSH action to RUN those commands. Now what DID I do the last time I had to hop in there? PuTTY (check this out on our blogs) And I did it the password way. While I *thought* it might be a one time thing, I may need to come to grips with the idea that as long as I’m using WordPress, and thus the whole LAMP (Linux,Apache,MySQL,PHP) stack, I’ll probably need to be SSH’ing in there. So…. Hunt down password. See if I can remember where I stashed PuTTY. Figure out interface again and all the settings. There must be a better way to do this. And there is. Public key/Private key SSH. Let’s make it happen.
UPDATE: (Later that same day) – Well having to launch Pageant, load up keys, give it the password and all that – not exactly what I was shooting for. I really wanted a one click type solution (or double-click if it’s on my desktop). So follow here to see how I actually streamlined it as much as possible. Double click, tap in your passwords and NOW you’re good to go. If you have no problem with using Pageant (or if you have several servers that you connect to) then continue on.
If you want the short sweet version for a one-off server SSH connection – go down through the bottom of Part A here and then you might want to jump to – PuTTY, SSH & NO Pageant – Continued
Part A – Setting up your Public Keys
1- Log in into your WHM and go to “SSH Password Authorization Tweak” under “Security Center”
2- Disable Password Auth – this is so we can only access ssh with a key. This should eliminate the continual banging on the server with any hope of brute forcing the password.
3 – Go to “Manage root’s SSH Keys” under “Security Center”
4 – Click on “Generate a New Key”
5 – Select some sort of name for the key and create a password
6 – Click Generate Key
7 – Go back to “Manage root’s SSH Keys” and click on “Manage Authorization” on the public key
8 – Enable authorization and go back to “Manage root’s SSH Keys”
9 – click on “View/Download” on the private key
10 – type the password you used when creating the key into the passphrase box and click “Convert”
11 – copy the text generated and save it somewhere you can find again in a file with extension .ppk (you can name this whatever you want)
Part B – Connecting with Putty
For putty to use the private key correctly, you need to open the private key with “pageant” this is provided for free with putty if you use the everything installer or download it individually from putty’s download page. I suggest you download the “Windows Installer for Everything” from:
1 – Open the .ppk file with Pageant. If you used the installer and did not change the default file association settings, then you should be able to just double click the file.
2 – You will be asked for the password – enter the password used in the creation of the key
3 – Open Putty and enter the address of your web server – Make sure you click on SSH
4- SAVE the configuration in the PuTTY config screen (above) to make your life easier next time – give it a name – I used the server name myself.
5- Whenever you want to use this config going forward, just highlight the name and click “Load”.
6 – When you click connect, your command window will open up, type the user name we set up when the key was created
If everything was setup right you should have SSH access to your web server now and be sitting at a command prompt. w00t. Ready to work.
The more I think about it, there probably is a way to do this with OUT having Pageant open. Need to look at that next time! Yeah, okay, so I couldn’t stand it. Wanted to make sure that I have this down for the NEXT time I want to get in quick. As it turns out, once the data is saved, all you really need open is Pageant. So launch Pageant, and it will appear in your system tray. Right click on it and go to “Saved Sessions” (remember where I said to save your config above?) and go there. So you really don’t need to launch… Hmm.. but if you close it down. Like most things, this will require more digging.
Thanks to Carolos Roque for this solutions – stored here for posterity’s sake with some small updates and clarifications!