If your headless, or remote, VPS is visible over the Internet, you should use public key authentication instead of passwords, if at all possible. This is because SSH keys provide a more secure way of logging in compared to using a password alone.
While a password can eventually be cracked with a brute-force attack, SSH keys are nearly impossible to decipher by brute force alone.
With public-key authentication, every computer has (i) a public and (ii) a private "key" (a mathematically linked pair that is effectively impossible to crack).
Today, OpenSSH is the default SSH implementation on Unix-like systems such as Linux and OS X.
Key-based authentication is the most secure of several modes of authentication usable with OpenSSH, such as plain passwords and Kerberos tickets. Other authentication methods are only used in very specific situations.
SSH can use either "RSA" (Rivest-Shamir-Adleman) or "DSA" ("Digital Signature Algorithm") keys. Both of these were considered state-of-the-art algorithms when SSH was invented, but DSA has come to be seen as less secure in recent years. RSA is the only recommended choice for new keys, so this tutorial uses "RSA key" and "SSH key" interchangeably.
PuTTY Key Generator (a.k.a. PuTTYgen)
While PuTTY is a client program for SSH (in addition to Telnet and Rlogin), it is not a part of or otherwise based on OpenSSH. Consequently, PuTTY does not have native support for reading OpenSSH's SSH-2 private key files.
However, PuTTY does have a companion named PuTTYgen (an RSA and DSA key generation utility) that can convert OpenSSH private key files into PuTTY's format, allowing you to connect to your cloud server from a Windows machine with the added security that SSH keys provide.
PuTTYgen is a (free) open-source utility and can be downloaded from the maintainer's website. PuTTYgen is what you will use to generate your SSH keys for use in PuTTY.
To start, all you need to do is download the executable files (.exe) and save them on the computer that you'll use to connect to your VPS, e.g. on the desktop. You will not need to "install" PuTTYgen, because it is a standalone application.
Generating OpenSSH-compatible Keys for Use with PuTTY
To generate a set of RSA keys with PuTTYgen:
- Start the PuTTYgen utility, by double-clicking on its .exe file;
- For Type of key to generate, select RSA;
- In the Number of bits in a generated key field, specify either 2048 or 4096;
- Click the Generate button;
- Move your mouse pointer around in the blank area of the Key section, below the progress bar (to generate some randomness) until the progress bar is full;
- A private/public key pair has now been generated;
- In the Key comment field, enter any comment you'd like, to help you identify this key pair later (e.g. your e-mail address; home; office; etc.);
- Optional: Type a passphrase in the Key passphrase field & re-type the same passphrase in the Confirm passphrase field (if you would like to use your keys for automated processes, however, you should not create a passphrase);
- Click the Save public key button & choose whatever filename you'd like (some users create a folder in their computer named my_keys);
- Click the Save private key button & choose whatever filename you'd like (you can save it in the same location as the public key);
- Right-click in the text field labeled Public key for pasting into OpenSSH authorized_keys file and choose Select All;
- Right-click again in the same text field and choose Copy.
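
The line copied in the last two steps is what goes into the server's authorized_keys file. As an added example (not part of the original tutorial, PuTTY or OpenSSH), this Python check confirms that such a line is an ssh-rsa public key with a modulus of at least 2048 bits and rejects private key material pasted by mistake. The function names and the constructed sample key are assumptions made for illustration.

```python
import base64
import struct

def read_string(buf, off):
    """Read one SSH wire-format field: 4-byte big-endian length, then data."""
    if off + 4 > len(buf):
        raise ValueError("truncated key blob")
    (n,) = struct.unpack(">I", buf[off:off + 4])
    if off + 4 + n > len(buf):
        raise ValueError("truncated key blob")
    return buf[off + 4:off + 4 + n], off + 4 + n

def check_rsa_public_line(line, min_bits=2048):
    """Validate one authorized_keys line; return (bits, comment) or raise ValueError."""
    if "PRIVATE KEY" in line or line.startswith("PuTTY-User-Key-File"):
        raise ValueError("this is private key material; never upload it")
    parts = line.strip().split(None, 2)
    if len(parts) < 2 or parts[0] != "ssh-rsa":
        raise ValueError("expected: ssh-rsa <base64> [comment]")
    blob = base64.b64decode(parts[1], validate=True)  # bad base64 raises ValueError
    algo, off = read_string(blob, 0)
    if algo != b"ssh-rsa":
        raise ValueError("key type inside the blob does not match the prefix")
    exponent, off = read_string(blob, off)  # public exponent, not checked here
    modulus, off = read_string(blob, off)
    if off != len(blob):
        raise ValueError("unexpected trailing data in key blob")
    bits = int.from_bytes(modulus, "big").bit_length()
    if bits < min_bits:
        raise ValueError("RSA modulus is only %d bits" % bits)
    return bits, parts[2] if len(parts) > 2 else ""

def mpint(i):
    """Encode a positive integer as an SSH mpint (leading zero keeps it positive)."""
    raw = i.to_bytes(i.bit_length() // 8 + 1, "big")
    return struct.pack(">I", len(raw)) + raw

def make_sample_line(bits, comment="home"):
    """Constructed input: correct structure and size, but NOT a usable key."""
    n = (1 << (bits - 1)) | 1
    blob = struct.pack(">I", 7) + b"ssh-rsa" + mpint(65537) + mpint(n)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " " + comment

if __name__ == "__main__":
    for size in (2048, 4096):
        print(check_rsa_public_line(make_sample_line(size)))
```
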