One effective way of securing SSH access to your VPN is to use a public/private key. This means that a ‘public’ key is placed on the server and the ‘private’ key is on our local workstation.
output screen will be as below
you can add a
Key comment to help you easily identify your key, but for passwordless and automate login without prompet we will keep
Key passphrase field empty.
- Save both keys (Public and Private Keys) files to a secure location into your device.
- Copy the output public key from PuTTYgen window, as below screenshot.
Copy the Public Key to the clipboard and paste it at the very end of “append” @
~/.ssh/authorized_keys on your VPS. If that file doesn’t already exist, you will have to create it (
To make use of your newly generated RSA key pair, you will need to tell PuTTY to use it when connecting to your VPS. Do this by opening PuTTY and going to the “SSH” -> “Auth” section. Browse to where you saved the keys and load the private key as seen below:
PuTTY Client side
To keep connection session opend, you need to setting up keepalive value for
PuTTY Client side as below screenshot
This will send a “null packet” every 120 seconds on your SSH connections seesion to keep them alive.
SSH Server side
ClientAliveInterval 120 ClientAliveCountMax 720
This will make the SSH Server send the PuTTY/Clients a “null packet” every 120 seconds and not disconnect them until the client have been inactive for 720 intervals (120 seconds * 720 = 86400 seconds = 24 hours).
Make PuTTY use the key every time you connect to your VPN by saving this configuration. After loading your key as shown above, go back to “Session” and save your session:
Once you have saved your session, your key will be loaded automatically upon connecting to your VPN.
Opting for a key-based authentication to your SSH server is beneficial in many ways. By eliminating the possibility of SSH brute-force attacks targeted towards your VPN, the chances of it being compromised are decreased by an order of magnitude.
Author: Josh@SliceHost && Netsblog