Security Conscious,
High Availability Unix Hosting 		SSH from Windows micro-howto
Language:
[English] [Français] [Norsk]
BBB Privacy Seal BBB Reliability Seal

Here is a step-by-step guide to logging into your Unix shell from a Windows computer using PuTTY, conducting secure file transfers using the graphical WinSCP client, and accessing CVS repositories over SSH using either the graphical WinCVS client or the standard command-line CVS.

These programs are free software and will allow you to communicate with a csoft.net server without broadcasting passwords and other sensitive information over the network "in the clear".

Logging in to your Unix shell

This is the first and most important step. Download putty.zip for Intel x86 package from the PuTTY download page. Unpack it and save putty.exe to some convenient location such as the C:\WINDOWS\COMMAND\ folder.

Alternatively, download the latest putty-X.XXX-installer.exe, which contains a suite of command-line utilities.

Now, click on your Start button, click on Run, and type in putty. This brings up the PuTTY Configuration window. in the Session category, do the following:

  1. In the Host Name box, type your server's host name (if you forgot it, log on to the web interface and it will be displayed).
  2. Select SSH to be the protocol. This also sets the Port to 22.

In the Connection category, do the following:

  1. Type your csoft.net username in the box labelled Auto-login username.
  2. Now, go back to the Session category. In the Stored session box, enter some arbitrary name such as "csoft" and click on Save. Now "csoft" will appear in the box underneath. Click on it and press Open. This should start a shell session and you will be prompted for your password.

Secure file transfers

The putty.zip package consists of a collection of command-line utilities, which will enable the user to connect and conduct file transfers in a secure manner. The two most significant transfer tools in the collection are: pscp.exe, a copy program, and psftp.exe, an FTP-style client.

If you wish to use a graphical interface, there is an excellent open-source scp/sftp client, called WinSCP, freely available for download here. WinSCP goes beyond the basic file transfer operations and allows the user to manage directories and file attributes, such as setting permissions and group ownership on files or directories. In addition with WinSCP, the user can perform remote text file editing.

Using CVS over SSH
There are many graphical and command-line CVS clients available under Windows and some IDEs also provide CVS functionality. Note that CVS over SSH is slow and the CVS protocol is rather obsolete. We recommend that new repositories be created using Subversion instead of CVS (existing repositories can also be converted using the cvs2svn utility. Under Windows, there is a Windows shell extension called TortoiseSVN which is much easier to use than any of the solutions described here.
Using WinCVS

You can download the WinCVS client from the WinCVS homepage. Once WinCVS is running, select Admin/Preferences to enter the CVS repository settings. Enter the CVSROOT (e.g., cvsusername@server:/path/to/cvsroot) and select SSH server as the authentication mode. For security reasons, we recommend that CVS repositories be accessed through "CVS-only" accounts created from csoftadm, not your main Unix account. Leave the Use version setting to "cvs 1.10 (Standard)". It is also recommended to select a TCP/IP compression level of 3 (in the Globals tab).

Make sure that you have the following Cygwin packages installed. If you don't have Cygwin installed, get the Cygwin installer from the Cygwin home page (click on "Install Cygwin now").

  • Base/textutils
  • Net/openssh
  • Net/openssl
  • Net/rsync
  • Shells/bash
  • Shells/ash

Back to the WinCVS preferences window, select the Ports tab. Say you have Cygwin installed in C:\Cygwin, check the Check for an alternate rsh name option, enter the path C:\Cygwin\bin\ssh and you're done. Checking out modules should work at this point.

Using the command-line cvs

The "standard" Unix cvs is available as a Cygwin package and it supports the SSH protocol. The cvs micro-howto instructions also apply to the Cygwin port of cvs.

Obtain the Cygwin installer from the Cygwin homepage and make sure that at least the following packages are installed:

  • Base/textutils
  • Base/diffutils
  • Devel/cvs
  • Net/openssh
  • Net/openssl
  • Net/rsync
  • Shells/bash
  • Shells/ash

Start up the Cygwin bash shell and follow the instructions in the cvs micro-howto.

Using public-key authentication

If your workstation is secure, you can use passwordless public key authentication. It is important that you never use your main account username with this method, you must connect to a CVS-only account if you are going to use password-less authentication.

Start a Cygwin bash shell and issue: 

  $ ssh-keygen -t dsa -P ""

This creates a public key file in ~/.ssh/id_dsa.pub. Login to the web interface and click on the CVS-only account in the CVS accounts section. It will allow you to paste the contents of your local ~/.ssh/id_dsa.pub. Multiple keys can be assigned to each CVS account.

Alternatively, you can also paste your key using cvs pubkey add in the command-line csoftadm.

Links
Acknowledgements
  • Steve at epiwerks: Wrote the original PuTTY howto
  • Dameon D. Welch-Abernathy: Told us about WinSCP
This web site - © 2008 Csoft.net Hosting, Inc.
(Contact Us) (Our Privacy Policy) 		  End Software Patents!