On Reusing Your Windows key.ppk File

The PPK file is a PuTTY-specific private key. It's not a portable private key that works with any ssh-based application. It just works with PuTTY. You need to convert it first. I've found some instructions for converting it to a proper public/private key pair here. You'll need to do this from your Windows machine.

That will give you a private key, key.ssh, that will work with ssh on your Mac. Put the key.ssh file in your ~/.ssh/ directory. Make sure the permissions are correct:

% chmod 400 ~/.ssh/key.ssh 

And then you can use it with your ~/.ssh/config file like so:

Host domain.com IdentityFile ~/.ssh/key.ssh User username 

If you no longer have access to your Windows machine you'll need to generate a fresh public/private key pair to use with your web server.

On Generating a Fresh Keypair To Use With Your Mac

Honestly, this is the best way to go here.

Password-less authentication with shared keys requires that both machines have a piece of the shared/public key pieces. Here's a complete recipe for setting up a shared key authentication scheme with two servers. It's not really OS X-specific. It's ssh-specific.

These instructions assume host1 is your Mac and host2 is your web server.

Generate a shared key on host1 (the shared key will be /Users/you/.ssh/webserver.pub and the private key will be /Users/you/.ssh/webserver):

% ssh-keygen -t rsa -b 2048 -f ~/.ssh/webserver Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in webserver. Your public key has been saved in webserver.pub. The key fingerprint is: 98:b7:fa:0f:0d:e7:7f:50:cc:9b:b4:57:db:8d:b4:03 [email protected] The key's randomart image is: +--[ RSA 2048]----+ | | | | | o | | o E * .| | o S . = *=| | . * . B.+| | o o . o | | . . . . | | ..... .. | +-----------------+ 

Note: I didn't enter a password for the key because I don't want to have to use a password when I use the use.

Now you need to append the ~/.ssh/webserver.pub public key to the ~user/.ssh/authorized_keys file on host2, your webserver.

% ssh user@host2 'mkdir ~/.ssh;echo '`cat ~/.ssh/webserver.pub`' >> ~/.ssh/authorized_keys' 

For this to work you will need password access to the remote host. If you don't have this you can give ~/.ssh/webserver.pub to someone who does have access to the box and ask them to append it to the authorized_keys file for you perhaps. Or do it from your windows machine where you still have access.

Now make sure your private key is safe on your Mac:

% chmod 400 ~/.ssh/webserver* 

ssh can get complain-y if your private/public keypairs are world readable or writeable.

Finally, you can add the following to your ~/.ssh/config file to invoke the right key combination when you try to ssh in to your web server:

Host domain.com IdentityFile ~/.ssh/webserver User username 

This will get you the password-less, keypair-based authentication you desire.