[SOLVED] PuTTY SSH Authentication with Keys - Preticked options?
#1
Apologies in advance if this is a very dumb inquiry - I'm trying to work with Private/Public Keys for the first time.  I Googled the steps to death and I've been unable to get the same PuTTY SSH Auth Window as the one below, i.e. mine must be a more up to date version with more options.  My query is about the SSH/Auth options below that come pre-ticked with my PuTTY installation.  Can I remove some of those ticks?  Like what does the "Display pre-authentication banner" mean - can I untick it?  How about "Attempt authentication using Pageant"? Can I untick that too? And only keep the "Attempt "keyboard-interactive" auth" ticked?  

[Image: RfnpQy9.png]
#2
I normally did not touch them as I didn't have knowledge on those settings (and I don't need them to be changed).

You can read the PuTTy User Manual here.
Thank you FreeVPS and ZXPlay for VPS 7 and 19

[Image: show_img.php?userid=17170&vpscount=2]


Don't PM me for support, use an appropriate forum to ask for support
#3
You normally don't touch any of these settings. You only set the path for the private key at "Private key file authentication" and save the profile. If the server is setup correct you should able to authenticate to it with the user private key file.

Quote:Like what does the "Display pre-authentication banner" mean

You can setup a banner which is more or less like a message that will be displayed to all connecting clients that attempt to connect to your server. This banner is displayed before the actual authentication process where you are asked for a username and password/key file will start. With this option ticked you will see that banner. If you untick the option this banner will be skipped and you won't see the message and instead you will only instantly see the authentication process where you will be asked for a username and so on as usual.

Insomnia247 shells are having such a pre-authentication banner which is annoying in WinSCP (fortunately WinSCP has a option to skip it, too) and other file transfer clients as the authentication won't start before you close that banner... and so you won't be able to transfer files before you close that banner.


Quote:How about "Attempt authentication using Pageant"?

Pageant is a SSH authentication client for public key authentication. With that option ticked PuTTY will try to use Pageant to authenticate to the server instead of using its own authentication method (I assume you will have to download Pageant and put it in the same folder as PuTTY for that to work).

http://the.earth.li/~sgtatham/putty/0.58...pter9.html

FileZilla needs Pageant in order to use public key authentication for SFTP. Which is why I don't use FileZilla because getting SFTP with public key authentication over Pageant working is simply too much hassle. WinSCP handles everything properly and much better.


Quote:And only keep the "Attempt "keyboard-interactive" auth" ticked?

This method is interesting but I never really used it. Some more info about it http://www.snailbook.com/faq/keyboard-in....auto.html

You can do some nice stuff with it as it seems, starting from one-time (throwaway) passwords to implementing other type of authentications such as Radius login servers.

https://support.ssh.com/manuals/server-a...ctive.html

Beware: keyboard-interactive may look like password authentication but it might not always be that. It does accepts passwords as you can see in the ssh.com link above but it can also be that behind it is a different authentication way like a Radius login.


You can always test. So tick this and untick that and try around. Or leave everything as it is.
#4
Thank you for the detailed answer HR. This is much appreciated. So I'll leave those unticked then. Guess the best way of learning as well tonight is when I do the keyless setup.




Users browsing this thread: 1 Guest(s)