PuttyGen is handy tool which is installed as part
of Putty. It allows you to generate key pairs, this first step is to click
Generate. This will then use mouse inputs to generate a random key pair. Once
this has completed you will see a Public Key displayed in the Key window.
In this example I am going to reconfigure an
existing Azure Linux VM to use certificate-authentication instead of passwords.
This VM was deployed using password authentication, which will still work post
this configuration change. When key pairs are used for authentication they are
placed in the following way:
·
Public Key - this is placed on the Azure Linux VM
·
Private Key - this is kept on the administrative workstation
The key pair can be used to authenticate to many
Azure Linux VMs, the important factor is keeping the private key secure. The
next step is to click Save Public Key, you will be prompted to enter a passphrase
which is entirely optional. If a passphrase is entered here, you will be
required to enter it when you authenticate to your Azure Linux VM's using this
key pair. Once this has been done, we also must do the same for the private key
so click Save Private Key and choose a suitable location for PuttyGen to write
it.
All going well we should be left with two files,
one holding the public key and one holding the private key.
Open the public key file, this is the key we must
configure the Azure Linux VM with. Copy the entire contents of the public key
file.
From the Azure Portal find the Azure Linux VM you
are looking to reconfigure and go to the Reset Password option. Click on Reset
SSH Public Key.
You will be presented with the following fields.
You must enter a valid username on the Azure Linux VM, in my case the default
AzureUser was still being used. You then must paste in the entire public key. Click
Update to commit any changes.
To test the configuration open Putty and click
Connection > SSH > Auth, from here we must point to the private key file
so that Putty can present it when asked by the Azure Linux VM.
Now try to connect. You will be presented with a
username prompt, I entered AzureUser in my example and as you can see the
connection has been authenticated successfully with the certificates.
