Categories

Passwordless SSH Login

Date
Author

This guide provides two popular methods: (A) Windows OpenSSH via PowerShell, which is the recommended approach, and (B) PuTTY with Pageant, for users who prefer a graphical interface. A brief troubleshooting section is also included.

⚠️ Security Notice: Always protect your private key. Use a strong passphrase where possible and never store your private key in a public or unsecured location.

A) Recommended Method: Windows OpenSSH (via PowerShell)

 

This method utilizes the OpenSSH client that is built into modern versions of Windows 10 and 11.

  1. Open PowerShell (or Windows Terminal).

  2. Generate a new SSH key pair. The ed25519 algorithm is recommended for its security and performance.

				
					ssh-keygen -t ed25519 -C "valsze@windows"

      • Press Enter to accept the default file path (C:\Users\<YourUser>\.ssh\id_ed25519).

      • Enter a strong passphrase for added security, or press Enter to proceed without one.

3. Copy the public key to the server. This single command will transfer your public key to the server’s authorized_keys file, creating the necessary directory and setting the correct permissions.

Execute the following command in PowerShell:

				
					type $env:USERPROFILE\.ssh\id_ed25519.pub | ssh -p 27 valsze@xxx.xxx.xxx.xxx "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"

You will be prompted for the valsze user’s password one last time to authorize the key transfer.

4. (Optional) Configure ssh-agent to manage your key. This step allows you to enter your passphrase once per session instead of every time you connect.

Start the agent and set it to launch automatically:

				
					Start-Service ssh-agent
Set-Service -Name ssh-agent -StartupType Automatic

Add your private key to the agent:

				
					ssh-add $env:USERPROFILE\.ssh\id_ed25519

5. (Optional) Create an SSH configuration file for a simplified connection alias.

Create or edit the file C:\Users\<YourUser>\.ssh\config and add the following:

				
					Host arwen
    HostName xxx.xxx.xxx.xxx
    Port 27
    User valsze
    IdentityFile ~/.ssh/id_ed25519
    IdentitiesOnly yes
    ServerAliveInterval 60

Now, you can connect simply by running:

				
					ssh arwen

6. Test the Connection.

Attempt to connect to the server. If ssh-agent is running with your key loaded, you should be logged in immediately without a password prompt.

				
					ssh -p 27 valsze@xxx.xxx.xxx

To debug any issues, use the verbose flag (-v):

				
					ssh -v -p 27 valsze@xxx.xxx.xxx.xxx

B) Alternative Method: PuTTY + Pageant

 

This method is for users who prefer to use the PuTTY graphical interface.

  1. Generate a Key Pair with PuTTYgen.

    • Open PuTTYgen (part of the PuTTY suite).

    • Select the Ed25519 key type and click Generate.

    • Move your mouse over the blank area to generate randomness.

    • Once complete, copy the public key from the box labeled “Public key for pasting into OpenSSH authorized_keys file”.

    • (Recommended) Add a passphrase to protect your key.

    • Click Save private key and save the .ppk file to a secure location.

  2. Add the Public Key to the Server.

    • Connect to your server using PuTTY, authenticating with your password for now.

    • Execute the following commands to create the authorized_keys file and set permissions:

				
					mkdir -p ~/.ssh
chmod 700 ~/.ssh
nano ~/.ssh/authorized_keys

    • Inside the nano editor, paste the public key you copied from PuTTYgen. Press Ctrl+X, then Y, then Enter to save and exit.

    • Set the correct file permissions:

				
					chmod 600 ~/.ssh/authorized_keys

3.  Use Pageant (PuTTY’s SSH Agent).

    • Run Pageant. It will appear as an icon in your system tray.

    • Right-click the icon and select Add Key.

    • Navigate to and select the .ppk private key file you saved earlier. Enter the passphrase if prompted.

4. Configure a PuTTY Session for Auto-Login.

    • Open PuTTY.

    • Session:

      • Host Name (or IP address): xxx.xxx.xxx.xxx

      • Port: 27

    • Connection → Data:

      • Auto-login username: valsze

    • Connection → SSH → Auth:

      • If not using Pageant, you can specify your private key file here. If Pageant is running with the key loaded, PuTTY will use it automatically.

    • Go back to Session, enter a name under Saved Sessions (e.g., SG-VPS), and click Save.

    • Now, you can simply double-click the saved session to connect automatically.

C) Optional: Disable Password Authentication (Recommended for Security)

 

Once you have confirmed that key-based login is working correctly, you can enhance security by disabling password-based logins entirely.

  1. Edit the SSH configuration file:

    sudo nano /etc/ssh/sshd_config

  2. Change the following line:

    PasswordAuthentication no

  3. Restart the SSH service to apply the change:

     
    sudo systemctl restart sshd

Important: Ensure you have successfully logged in with your SSH key before disabling password authentication to avoid locking yourself out of the server.

Tags authorized_keysed25519IT TutorialOpenSSHPageantPasswordless LoginPowerShellPublic Key AuthenticationPuTTYServer SecuritySSHssh-agentssh-keygenSystem AdministrationvpsVPS ConfigurationWindows

You Might Also Like:

Frühlingserwachen 🌺😊
2026Photos
Winterabend 🥶
2026Photos
Eiszeit 🥶
2026Photos