Using PuTTY in Simple Steps

This guide is intended for Windows users who are not accustomed to using SSH, or need some additional support for understanding how to work with SSH from their machine (e.g. challenges with key pairs).

It describes how to start using the free, open-source program PuTTY, to securely connect a client computer to a remote Linux/Unix server.

Many of the tutorials to follow will refer to using PuTTY, which is a popular SSH client for Windows workstations.

The important thing about PuTTY is that it is a secure way to connect a client to a server, using the SSH network protocol. It has a powerful and easy-to-use graphical user interface (GUI) and is used to run a remote session over a network.

What is SSH? It is short-form for “Secure Shell,” which means it creates a secure channel over an insecure network—like the internet, for example.

How does SSH do this? By encrypting the communications between the client and the server, using public-key cryptography, which means that a key-pair is generated—one of them public, and the other private, or secret, known only to the user.

Since CFEngine is a client-server enterprise software system, it is essential to access the servers securely. This is true whether the CFEngine system is run on a cloud platform, like Amazon Web Services and many others—or on a private network.

That is where PuTTY comes into the picture, since it uses SSH protocol for connecting a client to a server.

The PuTTY software consists of two separate programs PuTTY and PuTTYgen: They can be downloaded at http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

PuTTYgen is used to generate the encryption key pair while PuTTY, a command-line interface, is used to securely access the CFEngine server, or hub, from a remote client machine, which is called a host in CFEngine terminology.

PuTTYgen is used only when setting up a new client machine on the CFEngine hub. The CFEngine hub will already have an encrypted key-pair that was created when setting up the hub. (See the tutorial, [Installing CFEngine on RHEL Using AWS][Using Amazon Web Services])

The following steps describe how to get the client machine, up and running using PuTTYgen and PuTTY. There are two distinct steps to this process:

Step 1. Use PuTTYgen to create an encrypted key-pair in the .ppk file format that PuTTY uses.

(It is important to note that the key-pair on the hub will probably be in a file format that is different from the PuTTYgen .ppk file format. For example on Amazon Web Services (AWS) and many other cloud computing services, the key-pair file format created when setting up the server (hub) will be in the .pem file format.)

Step 2. Configure the PuTTY application in order to securely access the CFEngine hub.

Step 1. consists of the following sequence: First, launch PuTTYgen by double-clicking on the puTTygen icon in the Windows programs menu tree; (It should be inside the PuTTY folder that was created when the PuTTY was downloaded and installed.)

Next, download the key-pair and save it on the local hard disk in the .ppk file format.

The PuTTYgen Interface

a. Click Load. The following Load private key window will pop up:

The PuTTYgen "Load private key" pop-up window

b. In the Load private key window select All Files (.) in the drop down menu next to the File name input box.

c. Navigate to the location on disk where the public-key file was downloaded in earlier steps, in this case a .pem file. Click Open. The following window will appear:

The PuTTYgen Key Generator Window; note  that the actual key and key fingerprint has been blanked out

d. Enter a Passphrase and confirm the Passphrase. If no Passphrase is desired, leave those fields empty.

e. When the key has been loaded click the Save private key button.

f. If saving without a Passphrase a dialog box will pop up; click yes to save the key without a Passphrase

g. Now close PuTTYgen.

Accessing AWS Virtual Machines via SSH on Windows Using PuTTY and PuTTYgen

Get PuTTY and PuTTYgen

Prepare Private Key Using PuTTYgen

The Puttygen Interface

The Puttygen Interface. You will load the .pem file that you created in AWS.

The Puttygen popup window

The Puttygen popup window. Click Yes, to proceed without a passphrase. You can also protect your private key with a passphrase that you enter into Key Passprhase and Confirm Key Passphrase.

Configure PuTTY

The Puttygen Interface

The Putty interface, with Session selected on the left-side navigation tree.

Setting up the PuTTY configuration

Setting up the PuTTY configuration with the Host Name, and a Saved Sessions Name.

Once we have entered our Host Name and our Saved Sessions name, we take the following steps:

Setting up the PuTTY configuration

Note that Auth has been selected on left-side tree, in order to bring up this screen.

The PuTTY interface with the two virtual machines saved

The PuTTY interface with the two virtual machines saved. We can now proceed to configure those virtual machines with CFEngine.

Login to Virtual Machines Using PuTTY

The PuTTY command-line window

The PuTTY command-line window, which we will use to configure the virtual machines with CFEngine.