My notes and thoughts about Linux, WordPress, PHP and many more.
Using Keepas and PuTTY you can make your login secure using a command line tool for communicating with an SSH server. If you are a webmaster, you should be using SSH for uploading and downloading files because they are more secure than using FTP method. SSH encrypts communication between your computer and the SSH server in your hosting company. So if Mr. Bad Guy is monitoring your communications, he will be greatly disappointed.
PuTTY though is much more challenging than FTP particularly that this does not allow storing passwords for security reasons. This means that every time you log on to PuTTY you are required to enter your username and password.
There are solutions for password-less Putty communication to a server such as discussed in this tutorial: http://www.dailyiteration.com/howto-passwordless-ssh-authentication-with-putty/, but it requires knowledge of encryption keys and authentication which is too much for a beginner or novice webmasters.
This short guide will focus on the most efficient method of entering usernames and passwords in the PuTTY terminal- the copy and paste method.
Copy and paste alone is not even secure by design. Your username and password will stay in the clipboard for a very long time unless it is intentionally cleared (through pressing Esc key or other methods). It is even more insecure if you are typing your username and passwords. Assuming the high risk level of key loggers in your computer that are undetected; they can sniff your login information easily if you type it. Therefore the safest way to copy and paste login details from Keepas: http://keepass.info/
Recommendation: It is highly recommended that you do not rely on encryption alone to protect your passwords. You still need a high level security in your computer by installing reputable third party antivirus either Kaspersky, Bitdefender or Nod Eset 32 to detect and prevent these malware from abusing your Windows computer and compromising your login.
Keepas stores password with high encryption and expires password in 10 seconds by default (you can customize this, the lesser the better) after copying it. This makes it highly secure if you are using copy and paste because it is cleared in a very short time from the clipboard.
The less familiar part is how to paste the username and password in the PuTTY terminal. These are the actual steps (for efficiency, open BOTH the Keepas and PuTTY terminal window before doing the steps below):
Step1. Initiate the SSH server connection using PuTTY; this is done by clicking “Open”.
Step2. PuTTY will ask for a username.
Step3. Now right click on the login entry of your Keepas for that specific website then click “Copy Username”.
Step4. Now in the PuTTY; RIGHT CLICK your mouse accurately on the light green colored cursor at the “login as:” field. This will automatically paste your username.
Step5. Press enter key, PuTTY will ask for your password.
Step6. Right click on the Keepas entry of your website and then click “Copy Password”.
Step7. RIGHT CLICK again ACCURATELY on the light green color on the password field. RIGHT CLICKING automatically pastes your password. You won’t see it for security reasons.
Step8. Now press enter key. If your login details are correct, you should be able to connect to your hosting SSH server.
The secret word to become efficient when doing copy paste of login details to PuTTY is doing “RIGHT CLICK”.
TIPS: If you are using Ubuntu; Linux terminal (Accessories – Terminal) can used to connect to the SSH server with the same functionality as PuTTY:
Command is: ssh [email protected]
Of course it assumes your hosting SSH server is using port 22. But in case it is using different SSH port:
Command is: ssh –p 1234 [email protected]
In the example above, SSH port is 1234.
It allows you to paste the username and password from Keepas (works with Ubuntu Wine) by going to “Edit –Paste”. Personally, this is what I’m using when I’m in Linux. I only use PuTTY on Windows.