1. Overview
This document explains how to configure SSH key authentication from a Windows host to a Linux Virtual Machine running in Oracle VM VirtualBox using PuTTY.
The setup allows secure, passwordless login and file transfer for system administration, automation, and development.
2. System Architecture
Host System Windows PC
Virtual Machine Linux (Debian/Ubuntu)
Virtualization Platform Oracle VM VirtualBox
SSH Client PuTTY
Key Generator PuTTYgen
Network Mode NAT with Port Forwarding
3. Network Topology
Connection Flow
Windows Host ↓ 127.0.0.1:2222 ↓ VirtualBox NAT Port Forward ↓ Linux VM SSH Server (Port 22)
4. VirtualBox Network Configuration
Open VirtualBox:
VM → Settings → Network
Adapter 1 configuration:
Attached to: NAT
Open:
Advanced → Port Forwarding
Create the rule:
Name: SSH Protocol: TCP Host Port: 2222 Guest Port: 22
This allows the host to connect to the VM through:
127.0.0.1:2222
5. Install OpenSSH Server in Linux VM
Check service status:
sudo systemctl status ssh
If not installed:
sudo apt update
sudo apt install openssh-server
Start and enable the service:
sudo systemctl start ssh
sudo systemctl enable ssh
Confirm the service is active.
6. Generate SSH Key Pair
Inside the Linux VM:
ssh-keygen -t rsa -b 4096
Press Enter for default location.
Files created:
~/.ssh/id_rsa ~/.ssh/id_rsa.pub
Explanation:
id_rsa → private key id_rsa.pub → public key
7. Install Public Key
Add the public key to the authorized keys list:
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
8. Secure SSH Permissions
SSH requires strict permissions.
Run:
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
chmod 600 ~/.ssh/id_rsa
Verify:
ls -l ~/.ssh
Expected result:
drwx------ .ssh
-rw------- authorized_keys
-rw------- id_rsa
-rw-r--r-- id_rsa.pub
9. Convert Key for PuTTY
PuTTY uses .ppk format.
Open PuTTYgen.
Steps:
- Click Load
- Change file filter to All Files
- Select
id_rsa - Click Save private key
- Save as
id_rsa.ppk
10. Configure PuTTY Connection
Open PuTTY.
Session settings:
Host Name: 127.0.0.1 Port: 2222 Connection Type: SSH
Authentication key:
Connection → SSH → Auth
Select the file:
id_rsa.ppk
Optional configuration:
Connection → Data
Auto-login username:
sithuhtin
Save the session for future use.
11. Connect to the VM
Click Open.
Expected successful login:
sithuhtin@vbox-debian13:~$
No password prompt should appear.
12. Troubleshooting
Server refused our key
Ensure the public key exists in authorized_keys.
cat ~/.ssh/authorized_keys
Add it again if necessary.
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
Incorrect Permissions
Fix permissions:
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
Key Mismatch
Verify PuTTY key was generated from the correct file:
~/.ssh/id_rsa
Check SSH Server Logs
sudo journalctl -u ssh -f
13. File Transfer with SCP
Install OpenSSH Server on Windows if file transfers are needed.
PowerShell:
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
Start-Service sshd
Check user account:
whoami
Example output:
sithu-pc01\sithu htin
Copy file from Linux to Windows:
scp ~/.ssh/id_rsa "sithu htin"@192.168.1.10:/C:/Users/Sithu\ Htin/.ssh/
14. Verify Windows SSH Service
Check service status:
Get-Service sshd
Verify listening port:
netstat -ano | findstr :22
15. Security Best Practices
- Protect private keys carefully.
- Use strong key lengths (4096-bit recommended).
- Disable password authentication when keys work.
- Restrict SSH access using firewall rules.
- Regularly audit authorized_keys.
16. Useful Commands
Check SSH service
systemctl status ssh
Restart SSH
sudo systemctl restart ssh
List SSH files
ls -l ~/.ssh
17. Summary
This setup provides:
Secure remote login Passwordless authentication File transfer capability Lab environment for system administration practice
The environment can be reused for development, DevOps automation, and networking labs.