As I visit various client sites on a daily basis, I have to log in to various linux boxes and Cisco network devices. Entering usernames and passwords over and over again can be a fact of live that can be automated .... in a safe way.
Many people are aware of using Simon Tatham's Putty as a Telnet/SSH log in tool. There are a couple of
add-ons that make life just a bit easier when using this tool on a regular basis.
At many of the sites I visit, there is a Linux server installed for monitoring the
network. There is a log in for each consultant who visits.
From the Putty Download page, each consultant downloads Putty, Pageant, and
PuttyGen.
- Putty: main tool for telnet/ssh shell logins
- Pageant: a memory resident tool maintaining an active private key
- PuttyGen: a tool for creating a public/private key set for a user
A new user will use PuttyGen to generate a new ssh2 rsa public and private key. Each key
is saved to a file. The private key should be saved to a file and locked with a pass-phrase.
On the Linux server, in each user's directory, a directory '.ssh' is created. It needs
to be chmod'd with 600. A file in that directory needs to be created with the name
'authorized_keys' and chmod'd with 600. The public key needs to be placed in that file on
as one line.
The time saving feature comes with the next steps. When running Windows, put Pageant in
the StartUp folder. After logging into Windows, right click on the icon in the tool tray
and load the private key from the private key file saved in an ealier step.
Now, when logging into a Linux server from a Windows workstation, Putty will
automatically obtain the private key from the running Pageant, pass it to the ssh server and
automatically log in when matched against the user's public key from authorized_keys.
One further time saving step is to run QuickPutty. This program can also be auto-started upon auto-login into
Windows, and will read Putty's saved entries. QuickPutty can be hidden/shown with -Q.
When visible, simply click on an item in QuickPutty's menu. This will start Putty, which
will use Pageant for key retrieval, and automatically log in to a Linux Server.
This collection of utilities greatly simplifies the logistics of logging into a Linux
server multiple times in order to get multiple sessions opened to network devices with
Rancid's 'clogin' command.
On an related note, if you want to copy files to and from ssh compatible hosts, WinSCP is an excellent visual tool for doing
that. As an added bonus, it too, will use the Pageant key repository to aid automated
logins to a server.