How To Use SSH Keys with PuTTY (Windows users) 1

How To Use SSH Keys with PuTTY on DigitalOcean Droplets

(Windows users)
 Introduction
 How SSH Key Pairs Work
 Download and Install PuTTY and PuTTYgen
 Create an SSH Key Pair
 Upload Your Public Key to your DigitalOcean Account
 Create a New VPS Server with your Public SSH Key Embedded
 Setting Up an SSH Session with SSH Keys in PuTTY
 Connect to Your Server Using the Saved PuTTY Session
 Conclusion

Introduction
Note: This guide is for Windows users. If you are using Mac OS X or Linux on your home computer, please follow this guide instead.

While it is possible to manage your servers using password-based logins, it is often a better idea to set up and utilize
SSH key pairs. SSH keys are more secure than passwords, and can help you log in without having to remember
long passwords.

At DigitalOcean, you are able to upload your key so that it will be embedded in your servers upon creation. This lets
you log into your servers without a password while still remaining very secure.

For Windows users, a piece of software called PuTTY is typically used to create SSH sessions which allow you to
connect to your server. This same suite of programs can be used to generate SSH keys and remember which keys
should be used to connect with your servers.

In this guide, we will walk you through how to use PuTTY to generate SSH key pairs, how to upload your public
key to the DigitalOcean web interface, and how to create new droplets (VPS instances) with your public key
embedded. We will then show you how to connect to your servers without a password using your private key.

How SSH Key Pairs Work

SSH key pairs are used as an authentication method by creating two related keys.

The first key is called a private key. The private key is a secret key that is owned and kept safe by the user who
creates it. It is used to identify you and is kind of like the wax seals that used to be used to seal letters. It can be used
to prove that a connection is legitimately coming from you.

You should not let anyone have your private key, because the other person could then masquerade as you and log
into any accounts you have configured with your key. If you need to share access, there are better ways.

The other key is called the public key. This key is veritably associated with your private key. The difference is that
you can freely share this key with anyone around the internet.

The only thing that someone else can do with this key is allow you to log into their machine. This is what we will be
configuring in this guide, by creating our new servers with our public key already included.
 How To Use SSH Keys with PuTTY (Windows users) 2

Download and Install PuTTY and PuTTYgen

To get started, we'll need to download and install both PuTTY, the utility used to connect to remote servers through
SSH (secure shell), and PuTTYgen, a utility used to create SSH keys.

You can find links to both of these at the project's website.

The easiest way of getting all of the necessary utilities is to scroll click on the link associated with the heading "A
Windows installer for everything except PuTTYtel", as you can see pictured here:

Click on the link for the installer to download it. Then install it on your home computer using the wizard that begins
when you double click the installer. It is usually okay to accept the defaults, but feel free to change any values you'd
like.

Create an SSH Key Pair

We will begin by creating our SSH key pairs.

Start up the PuTTYgen program through your Start Menu or by tapping the Windows key and typing "PuTTYgen".
It will launch the key generation program, which should look something like this:
 How To Use SSH Keys with PuTTY (Windows users) 3

To create a new key, select the parameters at the bottom that match your requirements:

In almost all situations, the default values will work great, so feel free to leave them as-is. When you are ready, click
on the "Generate" button on the right-hand side

Because SSH keys are created using random chunks of information for security, you will need to generate some
random data by waving your mouse around in the window area. This randomness, known as entropy, is used to
create keys in a secure fashion that won't be reproducible by other people.

When the operating system has received enough random chunks of information, it will generate a key pair. It will
output the public key to a text box on the screen.

You can use this information by copying and pasting it from the box, but we'll save it for later using the interface
provided. Click on both the Save public key button and the Save private key button and select a secure location to
keep them:

You can call your keys whatever you'd like. Your private key will be given the extension ".ppk". The public key,
you should probably select an extension like ".txt" so that you will be able to open it with a regular text editor. You
will need to be able to read the information from this file later on.

You now have your generated key pair saved on your computer and ready to use.
 How To Use SSH Keys with PuTTY (Windows users) 4

Upload Your Public Key to your DigitalOcean Account

As we stated earlier, you can freely share your public key because, while it can be used to validate the user who
holds the associated private key, it cannot be used to re-create the private key. It is therefore completely safe to
upload.

Within your DigitalOcean account, click the account icon in the upper-right hand corner. From the drop down menu
that appears, select the Settings item:

You will be taken to the DigitalOcean accounts page. In the left-hand navigation menu, select the Security menu
item:

This will take you to the security section of your account. In the main area, there is a section for managing your
SSH keys. Inside this section, click on the Add SSH Key button:

A new screen will display, giving you the option to add a public SSH key to your DigitalOcean account. Paste the
contents of your public key into the space provided. If you no longer have your PuTTYgen session running, you
should open your public key with a text editor (like Notepad). Select every piece of text within the file and paste it
into the provided field.
 How To Use SSH Keys with PuTTY (Windows users) 5

Afterwards, select a name for the key that will help you easily identify the key in the DigitalOcean interface. When
you are finished, it should look something like this:

Click the Add SSH Key button when you are finished. You now have a public key available within the
DigitalOcean control panel:

Now, we just need to create a new Droplet utilizing this key.

 How To Use SSH Keys with PuTTY (Windows users) 6

Create a New VPS Server with your Public SSH Key Embedded
Now that we have our public key in our interface, we can embed it into our new servers. This will allow you to
authenticate to your new server using your private key, without having to supply a password.

To create a new server, click on the Create Droplet button in the upper-right corner of the control panel:

Select the image to use, the Droplet size, datacenter region, and other available options as usual.

Towards the bottom of the page, there is a section called Add your SSH Keys. Inside, you will have check boxes
for each of the SSH keys that you have uploaded to the control panel. You can select one or more keys to embed
them into your server:

If you are familiar with creating servers through DigitalOcean, you may be used to receiving an email upon creation
with the authentication details and password. When you choose to embed an SSH key into your new server, you will
not be sent an email.

Instead, you should use your private key to sign in, which does not need a password.

Setting Up an SSH Session with SSH Keys in PuTTY

Now that we have a droplet with our public key inside, we can use PuTTY to connect to it. We will do this by
setting up and saving a session. This way we will be able to quickly reconnect at a later time with all of our settings
saved.

Start by opening up the main PuTTY program. You can do this by double clicking on the PuTTY program, or by
tapping the Windows key and typing "PuTTY".

Inside, you'll be taken to the main session screen. The first step is to enter the IP address of your droplet into the
session page. You can get this address from your DigitalOcean control panel:
 How To Use SSH Keys with PuTTY (Windows users) 7

By default, SSH happens on port 22, and the "SSH" connection type should be selected. These are values we want.

Next, we'll need to select the "Data" configuration inside the "Connection" heading in the left-hand navigation
menu:

Here, we will enter our server's username. For the initial setup, this should be the "root" user, which is the
administrative user of your server. This is the account that has been configured with your SSH public key. Enter
"root" into the "Auto-login username" prompt:

Next, we'll need to click on the "SSH" category in the navigation menu:

Within this category, click on the "Auth" sub-category.

There is a field on this screen asking for the "Private key file for authentication". Click on the "Browse" button:
 How To Use SSH Keys with PuTTY (Windows users) 8

Search for the private key file that you saved. This is the key that ends in ".ppk". Find it and select "Open" in the file
window:

Now, in the navigation menu, we need to return to the "Session" screen that we started at.

This time, we need to create a name for the session that we will be saving. This can be anything, so select something
that will help you remember what this is for. When you are finished, click on the "Save" button.

You now have saved all of the configuration data needed to connect to your new server.
 How To Use SSH Keys with PuTTY (Windows users) 9

Connect to Your Server Using the Saved PuTTY Session

Now that you have your session saved, you can recall these values at any time by returning to the "Session" screen,
selecting the session you would like to use in the "Saved Sessions" section, and click "Load" to recall the settings.

This will auto-fill all of the fields with the values you initially selected.

When you are ready to actually connect to your server, on the "Sessions" screen, click the button at the bottom that
says "Open" after you have loaded your session:

The first time that you connect with the remote host, you will be asked to verify the identity of the remote server.
This is expected the first time you connect to a new server, so you can select "Yes" to continue.

Afterwards, you should immediately be logged into your new server without ever having to type in a password:

If you've gotten this far, you've successfully configured SSH keys with DigitalOcean!
 How To Use SSH Keys with PuTTY (Windows users) 10

Conclusion
You should now be able to easily deploy new DigitalOcean VPS instances with your SSH public key. You can use
the SSH keys you created on as many servers as you would like. They are not one-time use configurations.

To learn about how to embed your PuTTY SSH keys into server instances that you already have up and running,
follow this guide.