Question & Answer
Question
How can I automate SSH loginsto NPS from a Windows platform?
Answer
This document details how to set up automatic SSH login to the Netezza Performance Server from a Windows XP system (Windows 2000 and Vista will also work). If you would like to know how to do this from a UNIX / Linux client, refer to the document referenced below.
If you repeatedly access the terminal for the NPS server, it can be tedious to authenticate to the server each time. By setting up PuTTY (a SSH client) to automatically login, you are required to enter the passphrase once for the day. Using PuTTY in this way allows for other advanced remote connectivity options.
Follow the instructions below:
1. Install PuTTY, PuTTYgen, and Pageant on the Windows system.
These can be downloaded as individual executables, but this example uses the Windows installer which packages them together. (Downloads the files if necessary.)
- a. Create a folder in C:\Program Files called PuTTY.
b. Run the installer by double-clicking the downloaded file. Choose to install into the folder you created:
- C:\Program Files\PuTTY
c. When the installation is finished, navigate to the folder.
In PuTTY, you can create profiles for connections to your various servers so you do not have to re-enter the settings when you want to connect again.This example creates a profile for the NPS server (192.168.4.101).
- a. Start PuTTY by double-clicking its executable file. The PuTTY Configuration dialog box appears.
b. Make sure that Session is selected in the left frame. Enter 192.168.4.101 under Host Name (or IP address), enter 22 under Port and select SSH under Protocol.
c. Next, select Connection. In the Auto-login username field, specify the username with which you want to log in to your NPS server.
d. Re-select Session. In the Saved Sessions field, enter a name for the profile. For example, nps.hostname.com makes it obvious that this profile connects to the NPS host.
e. Click Save.
The next time you use PuTTY, you can simply select the appropriate profile from the Saved Sessions. select Load and then select Open.
3. Connect to the NPS server.
Now you can connect to our SSH server simply by clicking Open. The username is already provided to NPS. You only have to specify the password.
When you connect to the server for the first time, a security warning appears.This is because PuTTY does not yet know the server's host key so it is safe to click on Yes. (If this happens again later on, this can mean that another server is now running under the same IP address, or that someone has broken in and changed the key.)
This was the "normal" way of logging in -- with a username and a password. You can now automate this procedure to streamline access to the NPS server.
4. Generate a private/public key pairr using puttygen.
- a. Start it by double-clicking its executable file located at C:\Program Files\PuTTY\puttygen.exe.
b. Make sure to select SSH-2 RSA under Type of key to generate and specify 1024 as the Number of bits in a generated key.
c. Click Generate. To generate some randomness, move the mouse pointer over the blank area during the key generation. The blue bar progresses as you move the mouse.
At the conclusion, a private/public key pair has been generated.
- d. In the Key comment field, you may want to specify your e-mail address. Specify a Key passphrase and repeat it under Confirm passphrase.
e. You'll need that passphrase to log in to SSH with your new key. Select Save public key and save it in a safe location on your computer. You are free to choose a filename and extension, but it should be one that allows you to remember the system.
f. Next select Save private key. You can save it in the same location as the public key; this should be a location that only you can access and that you do not lose. You are free to choose a filename but the extension must be .ppk.
g. Select and copy the public key from the puttygen window.
5. Save the public key on the server.
- a. Log in to the NPS server (if you have already closed the previous SSH session) with the username and password used previously.
b. If the .ssh directory or authorized_keys2 files do not exist, create them.
c. Paste the public key into the file ~/.ssh/authorized_keys2 like this:
- mkdir ~/.ssh
chmod 700 ~/.ssh
vi ~/.ssh/authorized_keys2
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIBnOUN1xuuC6BcXfvgJAlfSXgXh58ERYLQMfSsl7/3a
tPVBV0PiuyozVubBixAHaSwYruLNNaGsDmVTZ7B3Eh+YwbxTqYB4HTuuCWwDxvE5mFpw4v2li4wcuTzDVk4nPxCq9CQH7zV9izPX9OEpyt9riGV8gahfWZiDz4C9FIVdnw== myuser@hostname.com
Note: This should all be on one line.
d. The authorized_keys2 file must be write/readable only by that user, so run the following command:
- chmod 600 ~/.ssh/authorized_keys2
6. Attach the private key to the PuTTY profile.
- a. Launch PuTTY again and load the profile of your NPS server (nps.hostname.com).
b. Go to SSH -> Auth and select Browse.
c. Browse your file system and select your previously-created private key.
d. Select Session and then Save to attach the private key to the nps.hostname.com PuTTY profile.
7. The system is now configured for the first key-based login to the NPS server.
- a. With the session still listed, select Open.
b. As you can see, the public key is now used for authentication, and you are asked for the passphrase (the one you specified in section 4).
8. Let Pageant remember your key passphrase.
Whenever you use your key-based login , you still have to specify your key passphrase. This can be inconvenient if you connect to the NPS server multiple times a day. Instead, you can list the passphrase in Pageant, which will then provide the passphrase whenever you log in to your NPS server.
- a. Start pageant by double-clicking its executable file.
b. You will see the pageant icon in the taskbar.
c. Double-click the pageant icon in the taskbar. Select Add Key.
d. Browse your file system and select your private key profile.
e. Enter the passphrase for the private key.
f. The key is now listed in pageant's key list. Select Close.
As long as pageant is running in the taskbar, you can log in to your NPS server without providing the passphrase; Pageant will supply the password to PuTTY.
As a test, load the session to the NPS server from PuTTY. You will see that it automatically logs you in using the agent.
9. Create a shortcut to Pageant with a path to the private key profile.
When you stop Pageant, it forgets all keys. As a result, the next time you start Pageant, you must add the keys again. To avoid having to do this, you can create a shortcut on the desktop to the Pageant executable.
- a. Right-click the Pageant executable and select Create Shortcut.
b. You should now find a shortcut. Right-click it and select Properties.
c. In the Target field, you will find the path to pageant.exe, for example, "C:\Program Files\PuTTY\pageant.exe". (Note that if there are no spaces in your path, you do not need the quotation marks).
d. Add the location of your private key to that line. For example if the private key is located at C:\Program Files\PuTTY\My Keys\PrivateKey_nps.hostname.com.ppk then the line should look like this:
- "C:\Program Files\PuTTY\pageant.exe" "C:\Program Files\PuTTY\My Keys\PrivateKey_nps.hostname.com.ppk"
e. Select OK.
Now when you double-click on the Pageant shortcut, Pageant will automatically load your private key and ask you for the passphrase. Enter it for streamlined login to your system.
Related Information
[{"Product":{"code":"SSULQD","label":"IBM PureData System"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":null,"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"1.0.0","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Historical Number
NZ287720
Was this topic helpful?
Document Information
More support for:
IBM PureData System
Software version:
1.0.0
Document number:
462095
Modified date:
17 October 2019
UID
swg21569766