Monday, June 29, 2026

generate ppk with putty

 

Create SSH key pair on Windows

In this section, you use PuTTY Key Generator to create a public SSH key and private key pair to use when you create a secure connection to Linux machines in your Azure Stack Hub instance. PuTTY is a free terminal emulator that can allow you to connect to a server via SSH and Telnet.

  1. Download and install PuTTY for your machine.

  2. Open PuTTY Key Generator.

    PuTTY Key Generator with a blank Key box

  3. Under Parameters, select RSA.

  4. In the Number of bits in a generated key box, enter 2048.

  5. Select Generate.

  6. In the Key area, generate some random characters by moving the cursor over the blank area.

    PuTTY Key Generator with a populated Key box

  7. Enter a Key passphrase and confirm it in the Confirm passphrase box. Note your passphrase for later use.

  8. Select Save public key, and save it to a location where you can access it.

  9. Select Save private key, and save it to a location where you can access it. Remember that it belongs with the public key.

Your public key is stored in the text file you saved. The text looks like the following:

text
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-20190330"
THISISANEXAMPLEDONOTUSE AAAAB3NzaC1yc2EAAAABJQAAAQEAthW2CinpqhXq
9uSa8/lSH7tLelMXnFljSrJIcpxp3MlHlYVbjHHoKfpvQek8DwKdOUcFIEzuStfT
Z8eUI1s5ZXkACudML68qQT8R0cmcFBGNY20K9ZMz/kZkCEbN80DJ+UnWgjdXKLvD
Dwl9aQwNc7W/WCuZtWPazee95PzAShPefGZ87Jp0OCxKaGYZ7UXMrCethwfVumvU
aj+aPsSThXncgVQUhSf/1IoRtnGOiZoktVvt0TIlhxDrHKHU/aZueaFXYqpxDLIs
BvpmONCSR3YnyUtgWV27N6zC7U1OBdmv7TN6M7g01uOYQKI/GQ==
---- END SSH2 PUBLIC KEY ----

When an application requests the key, you copy and paste the entire contents of the text file.

Connect with SSH by using PuTTY

When you install PuTTY, you have both the PuTTY Key Generator and an SSH client. In this section, you open the SSH client, PuTTY, and configure your connection values and SSH key. If you're on the same network as your Azure Stack Hub instance, you connect to your VM.

Before you connect, you will need:

  • PuTTY
  • The IP address and username for the Linux machine in your Azure Stack Hub instance that uses an SSH public key as the Authentication type.
  • Port 22 to be open for the machine.
  • The private SSH key that paired with the public key.
  • The client machine that runs PuTTY to be on the same network as your Azure Stack Hub instance.

  1. Open PuTTY.

    The PuTTY Configuration pane

  2. In the Host Name (or IP address) box, enter the username and public IP address of the machine (for example, username@192.XXX.XXX.XX).

  3. Validate that the Port is 22 and the Connection type is SSH.

  4. In the Category tree, expand SSH and Auth.

    The PuTTY Configuration pane - SSH private key

  5. Next to the Private key file for authentication box, select Browse, and then search for the private key file (<filename>.ppk) of your public and private key pair.

  6. In the Category tree, select Session.

    The PuTTY Configuration pane "Saved Sessions" box

  7. Under Saved Sessions, enter a name for the session, and then select Save.

  8. In the Saved Sessions list, select the name of your session, and then select Load.

  9. Select Open. The SSH session opens.

Posted by at No comments:

Create OpenVPN Access Server with Let's Encrypt (Azure)

Here's how you could install and configure OpenVPN in the Azure cloud. 
In this instance the pre-built vm was selected

Part of the default install will be Azure providing you with a PEM key. 
You'll want to save this and possible store it safely somewhere.

1.      Download PuTTY application

2.      With Azure, it provides you a PEM key to access the box using SSH.  (this is the password so to speak).  With PUTTY being a super popular way to SSH to a box, the PEM key needs to be converted to a PPK (Private Key File)

3.      Launch the PuTTYgen app.

Click Conversions > Import Key.

4.       Select the key file you used to generate your server.   
 With Azure, you dont need a keyphrase, you can just click "Save Private Key"

5.      Save private key.

  1. Close PuTTYgen.
  2. Connect with SSH by using PuTTY
  3. Open PuTTY, and configure your connection values and SSH key. 

The PuTTY Configuration pane

  1. In the Host Name (or IP address) box, enter the username and public IP address of the machine (for example, username@192.XXX.XXX.XX).
    The default user for azure ssh is "azureuser"
  2. Validate that the Port is 22 and the Connection type is SSH.
  3. In the Category tree, expand SSH and Auth, select "Credentials"

 

  1. Next to the Private key file for authentication box, select Browse, and then search for the private key file (<filename>.ppk) of your public and private key pair.
  2. In the Category tree, select Session.

The PuTTY Configuration pane "Saved Sessions" box

  1. Under Saved Sessions, enter a name for the session, and then select Save.
  2. In the Saved Sessions list, select the name of your session, and then select Load.
  3. Select Open. The SSH session opens.
  4. The default user for azure ssh is "azureuser"
  5. Logon to the server, you will be prompted to enter the user name, and if you have the key configured properly, you will be logged in.

  1. You will be asked to agree to the license

  1. You will then be asked a series of configuration question

21. In this example, all the defaults were selected.

22. You will also be presented with the random generated GUI password, so look for that

  1. Once the questions are answered, the final bits of configuration will be completed, and you will be presented with the logon information for the GUI

  1. Update the Ubunut installation with the latest
  2. sudo apt update

26. sudo apt upgrade -y

  1. In Azure, go to Network Settings 

28. Its a good idea to update the default SSH rule to be the WAN IP of your network to reduce chances of an attack through the SSH PORT



29. Click on the "SSH" and then change the SOURCE from ANY to IP Addresses

30. Then in the source IP put in your WAN ip



  1. SAVE the changes and select +Create Port Rule

  1. Set the destination port ranges to be "943" (default port used by OpenVPN Admin)
  2. Give it a NAME and then press add

 



 

  1. It will look like this when done

 

  1. If you are going to be adding some certificates to this box,
    you may need to add port '80' for the system to download the challenge files from the server
  2. Additionally, you will need to open port 443 and 1194 so that users can access this box
  3. Now try and access the server with the IP  and /admin provided in the example


Select Advanced



38. Select CONTINUE

  1. The "UNSECURE" means you have no CERTS for the box, yet.
  2. Enter in the credentials provided when you were configuring the system in the cli
  3. Enter in your credentials

42. openvpn / CvIrJINl4CBp

  1. You'll get prompted with a License Agreement



 

  1. You'll be in the GUI now

  1. Change the GUI openvpn admin password

46. Goto USERS -> OpenVPN -> Reset Password

  1. now lest add this new server to our existing license (you can share the licences among different servers)
  2. Logon to your OpenVPN.com license site.  

49. Copy the Activation key from your subscription

 

  1. Select "ACTIVATION" and then paste the key into the box and press "ACTIVATE"

 

  1. If successful you will be taken to a screen similar 

 

  1. The above picture shows "30" in yellow as the number of available licenses this account has, and the green shows the number of licenses in use on other servers.
  2. Now click on Certificate management

  1. Go into the DNS provider and add in the DNS name for this box and its ip.

    in my case, the domain is hosted in GoDaddy, so I go in an add an A record name for the box and its IP address


  2. In OpenVPN 
    put in the FQD name of the server that matches your FULL DNS name


  3. This link is openVPN server's link how to install Lets encrypt.  It works very well
  4. Access Server: Install Let's Encrypt SSL Certificates and Automate it via CertBot – OpenVPN Support Center

55. 



Posted by at No comments:

Friday, June 19, 2026

Block a spammer in your 365 Tenant

 You block a spammer in Defender in a 365 Tenant (as of June 2026, until MS changes their minds and moves it somewhere else)

In defender (security.microsoft.com)

-> Email & collaboration

-> Policies & Rules

->  Threat Policies

-> Tenant Allow/Block Lists

Click on "ADD"

    -> Select Block

In the "Add domains & Addresses" box put in the email address you want to block

Set the duration of the block

Click on "ADD"






Posted by at No comments:

Monday, June 15, 2026

User gets a new phone and needs to re-authenticate their Microsoft MFA

Find their user name in ENTRA 

Click on "Authentication Methods"

Click on "Require re-register multifactor authentication"

Have the user try and logon to a MS product.  It will prompt them to scan the QR code to re-register their MFA.



Posted by at No comments:

Monday, June 8, 2026

Teams error code 700003

 


Here's what worked for us

Opend a CMD prompt as administrator


Run the command

dsregcmd  /forcerecovery

Log back into Teams




Posted by at No comments:

Friday, May 22, 2026

Where do I find a users bitlocker key in 365 tenant?

Computer need a bitlocker recover?

Go to INTUNE

Select USERS

Search for the user in the list and select their name

Click on DEVICES 

Select the device assigned to the user that needs the key

Click on "BitLocker Keys"

Click on "SHOW RECOVERY KEY"

Click on the "eye" to show the "BitLocker recovery key"


You can send them the key now to unlock their machine


Posted by at No comments:

Thursday, May 21, 2026

Move data from onedrive to a sharepoint folder

 Have a situation where files are coming into a onedrive folder and they are wanted to be moved to a different folder in sharepoint.

Using PowerAutomate for this

In the source onedrive folder, "Create a flow"

Automate -> Power Automate -> Create a flow


You should see some flows appear that are common


Click on "See your flows" 

Then on the next screen that will come up, select "NEW FLOW" - Template


Look for "Move file from OneDrive for Business to Sharepoint and notify me


Make sure you are checkbox for the 3 items at the bottom and click on CONTINUE


You'll see this show up on your screen.



Click on "When a file is created"

In "Folder" section, click on the folder icon then select the folder that you want PowerAutomate to monitor.   In this example, we are looking at recordings


Click on "CREATE FILE"

In the "Site Address" put in the url for your sharepoint site.


If you have permissions to view the site
click on "FOLDER PATH" and the options should show up to where you can put it




Now click on SAVE

You can now TEST your script.  Click on TEST



Click on SAVE and TEST

Your system is now monitoring.  Drop a file into your onedrive and you should see it pretty quickly show up in the Sharepoint location

If everything is setup correctly, you should be good to go!  Powerautomate runs about every 5 minutes automatically.





Posted by at No comments:
Subscribe to: Posts (Atom)