Ceci est une ancienne révision du document !
Configuration documentation for PuTTY/KiTTY and WinSCP in the PSMN environment (Click on the following images if you want to view them in normal resolution).
Please install (or have your administrator install) the following softwares PuTTY (or KiTTY) and WinSCP.
Start the program PuTTYgen
. Check in the Key
menu that you are using SSH-2 at minimum.
Then click on Generate
. When your key is generated, add a passphrase
. It must contain at least 15 characters.
That's a bad passphrase. :
toto
This is a good passphrase. :
H3re is an ex4mple of @ compl1cated, ev3n c0nvoluted passphr4se.
This is also a good passphrase. :
A bottle of "Glenfîddich Rare Collection 1937" is worth 15,000 euros including tax. Minimum...
Then save your private key (button Save private key
, the filename does not matter, but save it with the extension .ppk
). Make copies of them and hide them !
Keep the window open, and/or save the key located in the Public key for pasting…
box, it's your public SSH key. Save it in an authorized_keys
file.
To use key operation, you will need to log in once with a password (yours, to ENS, CBP or PSMN). To do so, you will configure a first session on PuTTY :
HostName
of the gateway, the port (22, default), add a session name and click Save
.Terminal→Keyboard
, choose Linux
.Windows→Selection
, choose xterm
.under Windows Seven and/or if you have a two-button mouse, you may need to use “Compromise” instead.
Connection→Data
, indicate your ENS, CBP or PSMN login.Connection→Proxy
, check that none is configured.Connection→SSH→Auth
, activate the forwarding agent.Connection→SSH→X11
, activate X11 forwarding.
Return to “Session” and save. You can now click on Open
to open a connection.
Don't worry, these adjustments only have to be made once. You will then be able to copy and rename the saved sessions.
And backup of .ssh/authorized_keys
~/.ssh/authorized_keys
.
With vim, i
to switch to “insert” mode, Esc
to return to normal mode, :wq
to enter command mode (:), save (write) and exit (quit).
~/.ssh/authorized_keys
.
With vim, i
to switch to “insert” mode, Esc
to return to normal mode, :wq
to enter command mode (:), save (write) and exit (quit).
PuTTY Agent is used to keep a copy of your unlocked key in memory, available to software using the SSH protocol (PuTTY, WinSCP, TortoiseSVN, etc).
add key
.Load
, then on Open
.plink
proxy, this one is not interactive (it will not be able to ask for a password).
PuTTY's proxy allows ssh bounces, through several machines (voir infographie).
Légende :
In the following, we consider that your private key is loaded by pageant
(see section 3.3).
Change the “Host Name” to that of an internal machine of the PSMN (here, for the example, x5770comp1). So, rename the session to x5770comp1 (to follow the example)
Connection→Proxy
, select Local
.Connection→Proxy
, set “Telnet command” as follows : plink.exe -load allo-psmn -nc %host:%port
Session
, save, then click Open
. You are normally directly connected to x5770comp1, without a terminal open on the gateway (allo-psmn).Host Name
for that of the ENS de Lyon gateway (ssh.ens-lyon.fr
) or of the PSMN (ssh.psmn.ens-lyon.fr
). Save.Connection→Proxy
, select Local
.Connection→Proxy
, set Telnet command
as follows : plink.exe -load ssh.ens -nc %host:%port
or
plink.exe -load ssh.psmn -nc %host:%port
Open
. You are normally directly connected to allo-psmn.It is possible to make more than one bounce with Putty by recalling the previous session each time with the plink command. So you can connect to an internal machine directly from the outside. To do this, create a third connection by following the steps of the case 1 above.
The WinSCP software is used to copy files, using the SSH protocol (and PuTTY sessions).
Tools→Import
. :Connect
.You can now copy files to or from the PSMN.
If you want to display graphical applications from a PSMN machine to your Windows client, you have to install an “X server”: The simplest, working very well with PuTTY, is to install an “X server”. Xming
The PSMN has a machine dedicated to graphic visualization, see this documentation for his use.