How to copy PuTTY SSH Hosts Keys between different users/machines on Windows

Leave a comment
LinkedIn0

Intro

Sometimes you would want to copy PuTTY hosts SSH keys between different users or machines. Having the keys stored will prevent the pop-up message in PuTTY (or Plink/PSCP) when you try to connect to the remote host for the first time.

Some of the cases you would want to do that is:

  • Solution was developed and tested on one machine but will need to run on an other
  • You want to carry you host keys from one machine to another

This article is about copying PuTTY SSH hosts keys focused on doing so on Windows machines.

Method

The Putty SSH hosts keys are saved in registry in

[HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys]

for the current user.
So if you are copying keys for the current user you are logged in with (but between different machines) its easy. Just export the relevant registry path and import it on the destination machine.

The problem raises when you want to copy keys to profile of a user other then the user you are currently logged in with.

Identify your destination in registry

  • Open command line (on the target server) and run
    REG QUERY HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\hivelist | findstr TARGETUSER
  • For example I want to copy my keys to user ilya_adm
C:\REG QUERY HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\hivelist | findstr ilya_adm
    \Registry\User\S-1-5-21-1229272821-1123561945-839522115-123456    REG_SZ    \Device\HarddiskVolume1\Users\ilya_adm\NTUSER.DAT
    \Registry\User\S-1-5-21-1229272821-1123561945-839522115-123456_Classes    REG_SZ    \Device\HarddiskVolume1\Users\ilya_adm\AppData\Local\Microsoft\Windows\UsrClass.dat
  • Note the GUID S-1-5-21-1229272821-1123561945-839522115-123456
  • Due to the above the destination location in registry will be [HKEY_USERS\S-1-5-21-1229272821-1123561945-839522115-123456\Software\SimonTatham\PuTTY\SshHostKeys]

Manually update the registry

You can manually duplicate a single host key entry by creating a new STRING value in the destination registry location ( [HKU\S-1-5-21-….-123456\Software\SimonTatham\PuTTY\SshHostKeys]) and copy the Name and Value from the source location (HKCU\Software\SimonTatham\PuTTY\SshHostKeys)

Export/Import PuTTY SSH Hosts keys

Perform with caution and preferably back up the destination registry location

  • Export the they host keys from source location to a file.

From command line run

REG EXPORT HKCU\Software\SimonTatham\PuTTY\SshHostKeys c:\temp\source.reg

  • Open the c:\temp\source.reg file
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys]
"rsa2@22:123.xx.1237"="0x10001,0xaeda610d2dea35d252c8410cb6c7
"rsa2@22:123.xx.12319"="0x10001,0xd9f47896e1aaebb85d801ac5d75
"rsa2@22:123.xx.1238"="0x10001,0xf3ce0d57f72f09b4f48d23c763fe
"rsa2@22:123.xx.123213"="0x10001,0xd9f47896e1aaebb85d801ac5d7
  • In the file the change the location to be the destination. for example

update
[HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys]
to be
[HKEY_USERS\S-1-5-21-1229272821-1123561945-839522115-123456\Software\SimonTatham\PuTTY\SshHostKeys]

Windows Registry Editor Version 5.00
[HKEY_USERS\S-1-5-21-1229272821-1123561945-839522115-123456\Software\SimonTatham\PuTTY\SshHostKeys]
"rsa2@22:123.xx.1237"="0x10001,0xaeda610d2dea35d252c8410cb6c7
"rsa2@22:123.xx.12319"="0x10001,0xd9f47896e1aaebb85d801ac5d75
"rsa2@22:123.xx.1238"="0x10001,0xf3ce0d57f72f09b4f48d23c763fe
"rsa2@22:123.xx.123213"="0x10001,0xd9f47896e1aaebb85d801ac5d7
  • Save the file and import

From command line run

    REG IMPORT c:\temp\source.reg

Done

That’s it. Now you have the all the PuTTY SSH hosts keys from the source (user/machine) registry in the  destination (user/machine) registry.

Image by Brenda Clarke

LinkedIn0

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.