I will describe here how to install and setup Bitvise SSH Client (Tunnelier) for Windows. Also there will be step-by-step manual of the key generation process and client setting up to create secure connection to a SSH server.
Tunnelier is client for Windows for both SSH and SFTP. This is a very nice and easy to use product. In my opinion, one of the best for the Windows in this area. It is simple to use, reliable, and, unlike PuTTY, SFTP client has graphical interface. Furthermore, now it is free to any kind usage. Also You can buy the paid version to support the project.
You can download Bitvise SSH Client (Tunnelier) for Windows here. During installation process you will be asked to read and agree to the terms of the license agreement. When the installation is complete, Bitvise SSH Client (Tunnelier) for Windows icon appears on the desktop.
Key generation for Bitvise SSH Client
Always, when we begin to work with any SSH client (for OSX and Linux OpenSSH or Windows PuTTY), we start with generation a key pair to create a secure connection to the server. After clicking on the link “Client key manager” (Fig. 1) You will see key manager window (Fig. 2). Click there the button “Generate New“.
Now we have to set parameters for key generation (Fig. 3)
- Location is address the key pair in the key storage (1). Using this address, we can choose which key par (if there are more than one) should be used during the session. For example, we will use #2. When we finish key generation, those keys will be stored in slot #2.
- Encryption Algorithm (2). We’ll select RSA (the default) because DSA is deprecated for SSH connections.
- Size (3). Here we have to choose the size of our new keys. The more bits in the key then more secure connection will be. But from other side, it will take more processor power to calculate. So in busy servers long keys can be a problem. So I think that 2048 bits is a good compromise between security and needed computer resources. May be in the future You will need longer keys, but today 2048 bits is enough.
- Password to decrypt the private key (4,5). It is necessary to guess a good password (what is a good password I have written here) and type it twice without any errors.
- Click the button “Generate” to start generation process.
After a while the line “Slot 2” appears in the Key Manager window, with brief parameters of our new key pair (Fig. 4). To use them, you need to export the public key in authorized_keys2 file and write/move it to the server.
Click the button “Export“, and in the appeared window (Fig. 5) select “Export Public key“, “OpenSSH format” and click button “Export“. Close the key management window.
Next, you need to place or add file authorised_keys2 to the server. How this can be done I wrote in detail in the post “How to configure the SSH server“.
Secure connection to the server with Bitvise SSH Client
Now came the turn of the session parameters. All is mostly similar to the settings in the PuTTY, but easier because that all the necessary parameters is located in one tab (Fig. 6.):
- We have to set the IP address (better) or the fully qualified domain name (worse) of the server to be connected (Fig. 6, 1).
- Enter your username on the server (2). Earlier we have chosen admin. Then You have to select connection method. In this case it should be “publickey“. We remember, that this is the most secure way to connect to the server (“How to configure the SSH server“). And You need to use the keys from the slot 1. If You want to connect to more than one server, choose the appropriate key pair for the server, you want to connect. Make sure you choose the right pair. This is the one from which You saved in authorized_keys file and transferred to this server. Finally, You have to type the password to decrypt the selected key pair.
- Click the button “Login” to create a secure connection to the specified in Fig. 6(1) server.
If the connection to the server you make for the first time, the Bitvise SSH Client (Tunnelier) for Windows will ask you to confirm the host key of the server (Fig. 7). To do this, press the button “Accept and Save“. Then You will not see this window any more.
But there may be a problem. If You completely reinstall the server with the same IP address, when you try to connect, Bitvise Tunnelier says that the wrong host key of the server, and refuses to connect. The decision is following. You should go to the main tab of Bitvise SSH Client (Tunnelier) for Windows. Then click the link “Host key manager” and remove the old server key (and if you can not find that, remove all host keys). When you establish a new connection, a new host key will be stored.
Next, you need to re-confirm the user name and connection method (Fig. 8).
Then Bitvise SSH Client (Tunnelier) for Windows will open two windows:
the first is SSH session terminal window (Fig. 9)
and another is graphical SFTP client for secure file transfer (Fig. 10).
One can see here that it is much easier in usage because of the graphic interface. So one can simply drag and drop files and folders between computer and server.
If You are going to manage multiple servers using Bitvise SSH Client (Tunnelier) for Windows, you have to create multiple configurations and save them with understandable names using the “Save profile as” button in the left sidebar of the main menu. In this case, you can use any number of key pairs, either only one. It the last case you have to place corresponding file authorized_keys2 on each server.
In this post I have described how to install and configure Bitvise SSH Client (Tunnelier) for Windows.