A lost SSH public-key or a web service generates an SSH key but does not provide the public-key part to you. What to do now? There is a solution for this situation.
SSH Access - Generating a Public/Private Key Using a Public/Private key to authenticate when logging into SSH can provide added convenience or added security. The Public/Private key can be used in place of a password so that no username/password is required to connect to the server via SSH. Instead the unique public and private key provide the. To perform private key authentication, you will also need the passphrase, which together with the private key, will allow authentication. What is really needed is for RenciSSH to get with the times and write a publickeyauthentication method.
When you have an SSH key you need the public key to setup SSH passwordless login with SSH-key. But if you have lost the public key part but still have the private key, there is a way to regenerate the key.
With the public key missing, the following command will show you that there is no public key for this SSH key.
The -l option instructs to show the fingerprint in the public key while the -f option specifies the file of the key to list the fingerprint for.
To generate the missing public key again from the private key, the following command will generate the public key of the private key provided with the -f option.
The -y option will read a private SSH key file and prints an SSH public key to stdout. The public key part is redirected to the file with the same name as the private key but with the .pub file extension. If the key has a password set, the password will be required to generate the public key.
To check the details of the generated public key execute the following command as shown above.
The output of this command shows the key size as the first column, the fingerprint as the second column and after the file name, the type is shown in brackets. In the example above, a 4096 bit RSA key.
Read more of my posts on my blog at http://blog.tinned-software.net/.
Related posts:
This article assumes you have already installed the PuTTY suite of applications.
Public/private key authentication, as the name suggests, uses two special cryptographic text files (called keys) to authenticate your login. The private key remains on your computer and should be kept safe from unauthorised access. The public key can be freely installed on remote systems. It doesn't matter if your public key gets stolen or lost. Because only you have the private key you can always regenerate the public key again from it. The key files are just plain text - nothing magical. You can open them in notepad if you are curious!
- Generate your public/private key pair
Start PuTTYgen, and choose a type of key to generate and keysize. If you are unsure what to choose, just copy the settings shown below.Click the Generate button.
PuTTYgen will then ask you to wiggle your mouse around for a while to help it generate the key.When you've shuffled your key around the area enough, the green bar will reach the right side and PuTTYgen will create your keypair and you will see something like this:Just fill in the Key comment field (your name is a good idea), and enter a STRONG passphrase including upper and lowercase letters, numbers, and symbols. Keep this passphrase somewhere secure so you can get to it later (you'll need it anytime you want to use your private key from a new computer).
If your private key ever gets stolen, this password is your last line of defence. A private key with a weak or no passphrase is a gift to hackers! Generally speaking, a good 16 character passphrase will keep the world's most powerful computers at bay until the sun burns out!
Click the Save private key button and save your private key with the .ppk extension (you'll need this file later in this guide).
Your public key doesn't need saving because it can always be generated instantly from the private key - but don't close PuTTYgen yet because we're going to do some cPanel magic. - Setting up your cPanel account with your public key
Log into your cPanel account, and click on the SSH Access icon in the Security group of icons.Click the Manage SSH Keys button.Click the Import Key button to get the Import SSH Key screen.Now, switch back to PuTTYgen, and select ALL of the text in the box at the top entitled Public key for pasting into OpenSSH authorized_keys file: and copy it.Switch back to cPanel again, and paste in your public key into the public key text box. Give your public key a name, as shown (this becomes the filename your public key is saved as) and click the Import button. If you don't give your key a name, it will default to being called id_dsa.The next step is to authorise your public key.Back on the Manage SSH Keys cPanel screen, click Manage for your key (as shown)
Then, on the Manage Authorization screen just click the Authorize button and you should receive a confirmation that the key has been authorised. That's it, you're now ready to use your private key! - Configuring Pageant to decode your private key for PuTTY and Filezilla
OK, remember back in Step 1, we saved your private key with a .ppk extension?
Open the Pageant application (part of the PuTTY tools that you installed already).
Did nothing happen? That's OK - Pageant only runs as a small taskbar icon (It looks like a little PC with a hat on).Now, right-click the little Pageant icon, and a context menu will pop up. Select Add Key from the popup menu.This will open a file selection window. Simply browse to wherever you saved your .ppk (private key) file in Step 1 and click Open.
You did remember to store that strong passphrase from Step 1 somewhere, didn't you? Enter it in the text box and click OK.That's it. Pageant now has your private key open and ready for use by other applications. You can check your keys by right-clicking Pageant and selecting View Keys.
Or, and this is the neat part, you can right-click Pageant, and hover your mouse over the Saved Sessions menu item to reveal any Saved Sessions from PuTTy. You only need to click on your saved session to connect automatically to your SSH session without having to start PuTTY yourself.
Enhancing SFTP Access using Filezilla with public/private keys
Assuming you have already Setup Filezilla to connect using SFTP with your account password, then there is very little to do
Just open Filezilla's Site Manager from the File menu, locate your connection profile under My Sites, and remove the password.
As long as Pageant is doing its thing in the taskbar, then Filezilla will automatically try to connect using your private key.