Configure PuTTY to use public key login to UNIX box
Connections
For this to work well, you should make sure that PuTTY is configured with a connection for every host that you want to connect to. It's easiest if you use a simple alias. For instance, if you are connecting to server1.company.com, name the PuTTY alias "server1".
This is convenient because Putty lets you use alias names for the network target in pscp commands. For instance, you can do something like this:
pscp file.txt server1:/tmp
You can also use that same alias name in other related tools, for instance when sychronizing Subversion or Mercurial over ssh using PuTTY or Plink.
You could also choose to make an alias called "subversion" rather than using a shortened hostname.
Generating the Key
This isn't too difficult. Download puttygen.exe from wherever you get PuTTY. Execute it (it's a GUI tool). Select SSH2-RSA, 2048 bits in the parameters section and then click the Generate button.
You'll have to move the mouse around to generate random noise to seed the key.
Once the key is generated, change the comment (I used something like username@pcname). Enter a passphrase, or leave it blank for no passphrase. (If you do this, the only thing protecting your login is access to the private key file, so be careful.)
Highlight and copy the public key from the box at the top of the screen. You'll need this later.
Click Save Public Key to save the public key file. I placed it in:
C:\Documents and Settings\user\Application Data\putty\id_rsa.pub
Click Save Private Key to save the private key file. I placed it in:
C:\Documents and Settings\user\Application Data\putty\id_rsa
(It gets saved with a .ppk extension.)
Installing the key
Next, log into the UNIX box using a password (the usual keyboard authentication mechanism). Edit the ~/.ssh/authorized_keys file. Paste the public key that you saved off (above) at the bottom of this file. Make sure it's all on one line. Repeat this for any UNIX box you need access to from your PC. In all cases, make sure the mode on the file is 600 (read-write for owner only).
Finally, open PuTTY and reconfigure your connection. Go to Connection, then SSH, then Auth. Leave the "Attempt keyboard-interative auth" item checked. In the "Private key for authentication" box, browse to the private key you saved off previously (id_rsa.ppk). Make sure to save the connection.
Once you've done this, you should be able to log in to the remote box with the key rather than via your login password. If it doesn't work, re-check that the public key is correct on the remote box, and check permissions on the authorized_keys file.
Using Pageant as a Key Agent
If you want, you can use pageant (Putty's key agent) to manage this private key, so you don't need to type the passphrase every time. That way, you can get most of the benefits of a password-less key, without the risk of having the key unprotected.
First, download pageant.exe from Putty's website. Put the executable alongside all of the other PuTTY executables.
Next, run pageant.exe. Note: all this does is put an icon in the tray. It looks like a monitor with a hat.
Double-click on the icon to see the program. Click Add Key to add the key you created. You'll have to enter your passphrase immediately.
Once you do this, you should be able to open a session without having to enter your passphrase again. When you log in, you will see a note at the top of the terminal window:
Using username "user".
Authenticating with public key "user@subversion" from agentDrop a shortcut to pageant.exe into the Startup folder if you want Pageant to start on boot.
Unfortunately, Pageant doesn't store a list of keys from one Windows login session to another. So, append a list of keys to the command-line in the shortcut. There may be more than one way to do it, but I just went to the shortcut properties and changed the target from this:
"C:\Program Files\Putty\pageant.exe"
to this:
"C:\Program Files\Putty\pageant.exe" "C:\Documents and Settings\user\Application Data\putty\subversion.ppk"
The quotes are important if the path to the private key contains spaces. It won't work otherwise.
Once you do this, pagent will pop up a prompt for each of the listed keys at login. Type in your passphrase, and you're good to go.