Secure Shell (SSH)

Commonly known as SSH, Secure Shell is a common network or internet protocol with security a core part of the protocol. It does not use certificates like Transport Layer Security but rather keys.

One thing I have only recently learnt is that not all keys are equal. Well of course, they should be unique I hear you say and yes that is correct. However what I mean is not all SSH solutions create and store keys in compatible files.

Private Keys

Some hosting companies do allow you to generate and download a private key, however generally they will not store this but the public key will be available and added to the host ~/.ssh/authorized_keys file. The private key file can then be put on the client in ~/.ssh/id_rsa and will then be used automatically by the ssh command. You could store the key in a different file then the use the "-i" switch on the ssh command to specify where it is.

If you have the private key then you can generate the public key as follows:
ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/
Where typical file names are used, however make sure you don't accidentally overwrite an file you need!


When working on Windows the "standard" SSH client is PuTTY, as every it is recommended to download the latest version, so head over to PuTTY: a free SSH and Telnet client and do just that.

Working with a Linux solution I was given a private key by the admin and from a MacBook I could indeed just use the native SSH client and connect with the private key that I had but PuTTY would not play ball with the same file! After some digging I found the solution is this:

  • Start PuTTYgen
  • Click "Load" and open the private key file
  • Then click "Save private key" and save the file with a .ppk extension
  • Load PuTTY itself and then....
  • Connection->SSH->Auth: set the "Private key file for authentication" to the .ppk file created above
  • Connection->Data: set the "Auto-login username" to be the username for the private key
  • Session: set "Host Name" to be the hostname or IP address
  • Session: put a name in the "Saved Sessions" box and click Save
  • Click Open and you should not be signed in, all automagically!
The key step is converting the private key file format from the format generated by Linux into a file format that PuTTY can understand. The rest is just configuring PuTTY to make everything easy!