Using KeePass with SSH Keys: Difference between revisions
Docs admin (talk | contribs) No edit summary |
Docs admin (talk | contribs) No edit summary |
||
(10 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
The easiest way that we have found to use SSH keys to access your account or server is to use KeePass with the | The easiest way that we have found to use SSH keys to access your account or server is to use KeePass with the KeeAgnent plugin, in conjunction with PuTTY. PuTTY is a free implementation of SSH and Telnet for Windows and Unix platforms, but does not allow passwords to be saved. Which is where KeePass and KeeAgent come in. | ||
<br><br> | <br><br> | ||
KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. | KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. | ||
Line 6: | Line 6: | ||
<br><br> | <br><br> | ||
=== Installing Putty, KeePass and KeeAgent === | === Installing Putty, KeePass and KeeAgent === | ||
1) Install [[https://www.chiark.greenend.org.uk/~sgtatham/putty/ PuTTY]] on your workstation. | 1) Install [[https://www.chiark.greenend.org.uk/~sgtatham/putty/ PuTTY]] on your workstation. | ||
Line 14: | Line 13: | ||
3) Download [[https://lechnology.com/software/keeagent/ KeeAgent]] on your workstation. | 3) Download [[https://lechnology.com/software/keeagent/ KeeAgent]] on your workstation. | ||
4) Unzip the KeeAgent zip file, and place the keepass.plgx file in the | 4) Unzip the KeeAgent zip file, and place the keepass.plgx file in the directory where KeePass was installed. | ||
The next time KeePass is started up, you will see a dialog box saying ""Compiling Plugins..". When that clears, KeeAgent is installed. | |||
=== Creating Entry in KeePass === | === Creating Entry in KeePass === | ||
1) If this is your first KeePass Database, Go to File -> New, and click the OK button. | |||
2) Enter an easily remembered name for the file name, and click save. | |||
3) You will be prompted for a Master Password. This is the password to use to open the KeePass database. Enter a password, anc click OK. | |||
This master password is used to access the database when you open it. Once the database is opened, you can add entries, passwords, etc. and easily use them. | |||
4pen the Database, and Enter the Master Password. | |||
5) Pick a category on the left, such as General, and click on it. This will open that page. | |||
6) Go to Edit, and click on Add Entry. The following changes are needed: | |||
* Title should be the server name. E.g. bay.acenet.us | |||
* Username should be your cPanel account username or root | |||
* Password should be the passphrase used to generate the SSH Key | |||
* URL should be the word PuTTY | |||
<br> | |||
* Go to the Advanced tab | |||
* Top Box, Add "Server IP" with the IP address as the field value. | |||
* Next to the File Attachments box, click Attach, and attach the servername.ppk file (or whatever the ppk filename you previously entered was). | |||
<br> | |||
* Go to the Properties tab | |||
* The Override URL should be the following: | |||
<syntaxhighlight lang="bash"> cmd://C:\putty.exe -ssh {USERNAME}@{S:Server IP} -pw {PASSWORD} </syntaxhighlight> | |||
<br> | |||
* Go to the KeeAgent tab | |||
* Check the "Allow KeeAgent to use this entry" box | |||
* Click OK to save the entry | |||
Click on the Disk icon near the top of the window, and if prompted, click Synchronize. You will need to make sure to always save your entries when changes are made, or they will be lost when the database is next closed. | |||
=== Opening SSH Session === | |||
If the server entry is already in KeePass, click on the word PuTTY. That will execute the Override command and open Putty with the information needed to access the server. | |||
If everything has been done correctly, you should be at an already logged in SSH window, with an "Authenticating with public Key" note. | |||
You will now be able to login via SSH Keys using KeePass when Password authentication is disabled on the server. |
Latest revision as of 11:40, 17 October 2018
The easiest way that we have found to use SSH keys to access your account or server is to use KeePass with the KeeAgnent plugin, in conjunction with PuTTY. PuTTY is a free implementation of SSH and Telnet for Windows and Unix platforms, but does not allow passwords to be saved. Which is where KeePass and KeeAgent come in.
KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database.
KeeAgent is a plugin for KeePass 2.x that allows SSH keys stored in a KeePass database to be used for SSH authentication by other programs (such as PuTTY).
Installing Putty, KeePass and KeeAgent
1) Install [PuTTY] on your workstation.
2) Install [KeePass] on your workstation.
3) Download [KeeAgent] on your workstation.
4) Unzip the KeeAgent zip file, and place the keepass.plgx file in the directory where KeePass was installed.
The next time KeePass is started up, you will see a dialog box saying ""Compiling Plugins..". When that clears, KeeAgent is installed.
Creating Entry in KeePass
1) If this is your first KeePass Database, Go to File -> New, and click the OK button.
2) Enter an easily remembered name for the file name, and click save.
3) You will be prompted for a Master Password. This is the password to use to open the KeePass database. Enter a password, anc click OK.
This master password is used to access the database when you open it. Once the database is opened, you can add entries, passwords, etc. and easily use them.
4pen the Database, and Enter the Master Password.
5) Pick a category on the left, such as General, and click on it. This will open that page.
6) Go to Edit, and click on Add Entry. The following changes are needed:
- Title should be the server name. E.g. bay.acenet.us
- Username should be your cPanel account username or root
- Password should be the passphrase used to generate the SSH Key
- URL should be the word PuTTY
- Go to the Advanced tab
- Top Box, Add "Server IP" with the IP address as the field value.
- Next to the File Attachments box, click Attach, and attach the servername.ppk file (or whatever the ppk filename you previously entered was).
- Go to the Properties tab
- The Override URL should be the following:
<syntaxhighlight lang="bash"> cmd://C:\putty.exe -ssh {USERNAME}@{S:Server IP} -pw {PASSWORD} </syntaxhighlight>
- Go to the KeeAgent tab
- Check the "Allow KeeAgent to use this entry" box
- Click OK to save the entry
Click on the Disk icon near the top of the window, and if prompted, click Synchronize. You will need to make sure to always save your entries when changes are made, or they will be lost when the database is next closed.
Opening SSH Session
If the server entry is already in KeePass, click on the word PuTTY. That will execute the Override command and open Putty with the information needed to access the server.
If everything has been done correctly, you should be at an already logged in SSH window, with an "Authenticating with public Key" note.
You will now be able to login via SSH Keys using KeePass when Password authentication is disabled on the server.