Wednesday, January 21, 2009

KeePass and Putty

KeePass and Putty are software programs that work great together, especially in an enterprise where you have a lot of passwords to remember. Autotmatic Login to a Unix server is simply a “Ctrl+U” away.

First you need to setup your Putty Configuration, for example:

Servers are saved as sessions and Auto-login username is specified


In KeepPass you need to configure 1 entry per server. The URL entry is what makes KeePass more than a list of passwords.

If putty is in your $PATH then the command you typed in the URL field above (putty -load -pw XX) will also work from the command line. In the main KeepPass window you simply need to highlight the entry and press “Ctrl-U”.

9 comments:

Javier said...

Great! I was wondering how to link putty and sftp services with the same account. I suppose it's not possible.

Regards

sobamakura said...
This comment has been removed by the author.
sobamakura said...

cmd://"C:\Program Files\PuTTY\putty.exe" -load {TITLE} -pw {PASSWORD}

Anonymous said...

What about if we should go through a hopping station before logging to the real server?

Anonymous said...

Thanks for the tip. Much appreciated.

Note that, on Windows 7, KeePass doesn't seem to pick up changes to the PATH environment variables until it is restarted.

Michael Koch said...

According to the putty documentation, you need double quote in case the putty session name contains spaces.
Otherwise, putty is trying to connect to a string from the session name which most probably leads to unexpected results.
I would suggest to always use them in Keepass for the TITLE parameter. If you have different users to connect to your machine, I'd rather add the extra "-l" parameter to the command line in order to provide a user name and make a Keepass entry for every single user.

cmd://"C:\Program Files\PuTTY\putty.exe" -load "{TITLE}" -l {USERNAME} -pw {PASSWORD}

(Of course, you have to adjust the path to putty.exe like already mentioned)

Michael Koch said...

According to the putty documentation, you need double quote in case the putty session name contains spaces.
Otherwise, putty is trying to connect to a string from the session name which most probably leads to unexpected results.
I would suggest to always use them in Keepass for the TITLE parameter. If you have different users to connect to your machine, I'd rather add the extra "-l" parameter to the command line in order to provide a user name and make a Keepass entry for every single user.

cmd://"C:\Program Files\PuTTY\putty.exe" -load "{TITLE}" -l {USERNAME} -pw {PASSWORD}

(Of course, you have to adjust the path to putty.exe like already mentioned)

Michael Koch said...

Sorry for the double posting. These captchas are killing me ;-)

Anonymous said...

One thing to keep in mind while launching putty with the -pw parameter is that you expose the password in an unsafe matter.
It is possible to read the whole command line for each process (e.g. using Sysinternals Process Explorer) and therefor the password is potentially visible to anyone who has access to the system.