Sharing SSH Keys between Cygwin and PuTTY

I’m rather pleased about this one.

I have a Windows laptop and a Linux server. I prefer using Linux and I have all sorts of server tasks to do, but I might not always want to do them at the actual work station. So, I use the SSH protocol to remotely work on my Linux server.

In Windows, I accomplish this using PuTTY (a small terminal emulator/SSH client) or Cygwin (a Linux-like environment for Windows).

PuTTY directly remotes into the server, while Cygwin provides a Linux-like interface in Windows (i.e. it gives me lots of nice Linux packages like rsync, grep, vim, openssh, etc.) that can also remote in. The handy thing about Cygwin is that you can do Linux-like work on your Windows computer.

Anyway, as we know, when we’re SSHing into another server, we don’t want to use a password. We want to use SSH keys, because they’re way more difficult to brute force than a regular old password. That said, we also want to add a passphrase for decrypting our SSH private key so that an attacker doesn’t gain access to our server just by possessing our private key.

But…we don’t want to type this passphrase all the time, so we use an SSH key agent like Pageant to store our keys for us. We type the passphrase in once and then Pageant handles all the requests for the SSH private key for the rest of our OS session.

PuTTY and Pageant work perfectly together (http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html), especially when we automatically load up our keys upon login to Windows (http://blog.shvetsov.com/2010/03/making-pageant-automatically-load-keys.html).

However, Cygwin needs some extra help. Fortunately, there is a Cygwin add-on for that called ssh-pageant (https://github.com/cuviper/ssh-pageant). Download the binary file, copy it into Cygwin, add a line of code to your .bashrc file, and now Cygwin can share the keys stored in Pageant!

Enter your passphrase upon login, and then you have easy, yet secure, access to your server via SSH using PuTTY or Cygwin!

P.S. In my case, I’m thinking of scripting an automated rsync backup between my laptop and my server using Cygwin (actually, I already have a bash script that I can run manually to do this). Most tutorials suggest using a private key without a password, but I don’t like that idea. So, I’m thinking that I’ll load Pageant at login, enter my passphrase, then hopefully either trigger an event or have a script waiting to start the bash script that initiates the rsync backup.

That might sound convoluted but it’s not really. It’s also free, cross-platform, and flexible.
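A sketch of that wait-then-backup idea, as an added example rather than the author's own script: it attaches Cygwin to Pageant through ssh-pageant, waits until Pageant actually holds a key, and only then runs rsync with prompting disabled. The function names, the `run` argument, the socket path, the backup paths and the host `server.example` are all assumptions.

```shell
#!/bin/sh
# Added example, not the post author's script. Host, paths and names are placeholders.
SSH_ADD=${SSH_ADD:-ssh-add}   # overridable so the agent check can be exercised offline

# `ssh-add -l` exits 0 with keys loaded, 1 with none, 2 if no agent answers.
agent_state() {
    rc=0
    "$SSH_ADD" -l >/dev/null 2>&1 || rc=$?
    case $rc in
        0) echo ready ;;
        1) echo empty ;;
        *) echo unreachable ;;
    esac
}

# Poll until the agent holds a key; give up after $1 attempts, $2 seconds apart.
wait_for_keys() {
    tries=$1
    while [ "$tries" -gt 0 ]; do
        if [ "$(agent_state)" = ready ]; then return 0; fi
        tries=$((tries - 1))
        if [ "$tries" -gt 0 ]; then sleep "$2"; fi
    done
    return 1
}

run_backup() {
    # BatchMode=yes makes ssh fail rather than prompt, so an unattended job
    # cannot hang on a password or passphrase prompt.
    rsync -az -e "ssh -o BatchMode=yes" "$1" "$2"
}

if [ "${1:-}" = "run" ]; then
    # Attach to Pageant: -r reuses an existing socket, -a names it (path assumed).
    eval "$(/usr/bin/ssh-pageant -r -a "/tmp/.ssh-pageant-$USERNAME")" >/dev/null
    if wait_for_keys 60 5; then
        run_backup "$HOME/Documents/" "backup@server.example:/srv/backup/laptop/"
    else
        echo "Pageant holds no keys; backup skipped" >&2
        exit 1
    fi
fi
```

Invoked with `run` as its first argument, the script exits non-zero when no key appears within the polling window, so a scheduler can tell a skipped backup from a completed one.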

How many of us actually perform backups? We all say it’s a good idea but how often do you think “I’ll do it eventually”? Why not do it now?

I figure there are 3 reasons to have a home server:

1) Central file storage/file serving/file sharing (Store all your important files, especially files that don’t often change such as music, photos, video, etc., in a central location. Store once, access many times from different devices.)

2) Backups (You’re not going to store everything on your server. You’re going to have a certain amount of content that lives on your laptop, or other mobile device. By keeping a synced backup on your server, you ensure that you keep your data even if you have a hardware failure, lose your device, etc.)

3) Remote access (Maybe you need a copy of a file from home, or you want to take care of something on your server. Remote in and do the work!)

Of course, you could argue the relative merits of having a home server versus a server on the cloud versus a cloud-based service, but I’ll save that for another time.

For now…I’m consolidating my media on a central server, syncing my mobile devices (i.e. keeping mirrored backups), and managing both of those via remote access (although only internally. No holes in my firewall to the outside world…yet.).