HOWTO setup Outlook (Express) to use PuTTY SSH Tunnels

This document provides a HOWTO approach to setup Outlook to use PuTTY tunnels for sending and receiving mails from afs.nbi.dk. Although this is specific to afs.nbi.dk, it can easily be adapted to other servers.

The steps to do

  1. Download and install PuTTY on your Windows machine
  2. Create an OpenSSH RSA2 public/private key
  3. Import the OpenSSH key into PuTTY
  4. Setup a tunnel session in PuTTY
  5. Setup Outlook (Express) to use your tunnels

Download and install PuTTY on your Windows machine

If you haven't already downloaded and installed the full PuTTY suite, do so now.

Go to http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html, and pick the file putty-<version>-installer.exe (where <version> is the current version - at the time of this writing it was 0.55).


Click to enlarge

Click to enlarge

Choose to install the PuTTY suite right away, modifying installation paths to your liking.

Create an OpenSSH RSA2 public/private key

Next we need to create a OpenSSH RSA2 public/private key pair. If you already have one, make sure you copy it to the .ssh subdirectory of your home directory on afs.nbi.dk.

Start up PuTTY on your Windows box, and log into afs.nbi.dk, accepting the host key if asked to do so.

(Please note, that you should use your own login name on afs.nbi.dk instead of cholm)


Click to enlarge

Click to enlarge

Click to enlarge

Having logged into afs.nbi.dk, we need to create the OpenSSH RSA2 private/public key pair. Simply type

        ssh-keygen -t rsa
          

In the prompt, and press ENTER to any prompt your presented with.


Click to enlarge

Next, we need to allow logins using the SSH RSA private/public key pair. This we do by creating the file authorized_keys2 in the .ssh subdirectory of your home directory on afs.nbi.dk. It should contain your public key. We do that simply by

       cd .ssh
       cp id_rsa.pub authorized_keys2
          

Click to enlarge

Import the OpenSSH key into PuTTY

We need to copy the public/private key pair created above to your Windows machine. We'll put the key pair in the subdirectory ssh beneath your user directory (something like C:\Documents and Settings\<Your Name>), so you need to create that directory first.


Click to enlarge

Click to enlarge

Start up psftp from Start Menu->Programs->PuTTY->psftp.


Click to enlarge

In the psftp client, open a connection to afs.nbi.dk, go to the ssh subdirectory of your user directory on your Windows machine, go to the .ssh subdirectory of your home directory on afs.nbi.dk, and transfer the recently created public/private key pair to your local machine. This you do with the following commands in the psftp terminal:

        lcd "Docume~1\foo\ssh"
        open afs.nbi.dk
        cd .ssh
        get id_rsa
        get id_rsa.pub
        bye
    

Note, that you should use your own user name on afs.nbi.dk rather than cholm.


Click to enlarge

Having transfered the OpenSSH RSA private/public key pair, to your Windows box, we need to import them into PuTTY so we can use it to automatically log into afs.nbi.dk. Start the program PuTTYGEN which came with the PuTTY suite. You'll find it in something like Start Menu->Programs->PuTTY->puttygen


Click to enlarge

Choose Load in the PuTTYGEN window, and navigate to the newly created ssh directory where we downloaded the OpenSSH RSA private/public key pair. Then choose to show All Files (*.*) in the file dialog.


Click to enlarge

Next choose the private key file id_rsa, and open that.


Click to enlarge

Next you should see a message box, telling you that the key was imported successfully, and that you should save it in the PuTTY format if you want to use it with PuTTY.


Click to enlarge

Next, choose Save private key, and save the PuTTY Private key in the same directory, and call it id_rsa.ppk.


Click to enlarge

We now have successfully imported our OpenSSH private/public key pair, and it's time to create our tunnel session in PuTTY.

Setup a tunnel session in PuTTY

First, start up PuTTY from something like Start Menu->Programs->PuTTY->putty


Click to enlarge

We start by making a new session, called say Mail Tunnels. In the "host" field type in afs.nbi.dk, select port SSH in the radio-boxes, and Saved Sessions field type in Mail Tunnels, and hit Save to save the session.


Click to enlarge

Next, in the tree on the left hand side choose Connection, and in the Auto-login username field type in your user name on afs.nbi.dk.


Click to enlarge

Select tree item SSH->Auth, and select the Browse button and navigate the recently created ssh directory, and select the id_rsa.ppk PuTTY private key file, and open that.


Click to enlarge

So far we've been setting PuTTY up to do automatic logins, and haven't really done anything to setup our tunnels. That it the next step.

Select the tree item SSH->Tunnels. Here we should add at least 2 tunnels: One for SMTP (sending mail) and one for POP (retrieving mail).

To setup our POP port tunnel, type in 11110 in the Source Port field, and up.nbi.dk:110 in the Destination field, select the Local radio box, and press Add to register the tunnel. The number 11110 can be any number that's larger than 1000. However, later we'll assume that you've used 11110.


Click to enlarge

We do the same thing for the SMTP port, with the values Source Port: 2525, Destination: up.nbi.dk:25, and Local checked.


Click to enlarge

Finally, you should go back to the Session tree item, and hit Save to save the session settings.

If you double-click the session name Mail Tunnels, you'll open a new SSH session with the tunnels started.

In the future, you should start this session before starting Outlook (Express). Next, we need to make Outlook (Express) use your SSH Tunnels.


Click to enlarge

Setup Outlook (Express) to use your tunnels

The interface varies slightly between Outlook (from MS Office Professional or MS WindowsXP Pro) and Outlook Express (from MS Works or MS WindowsXP Home). To help you a bit, I'll show you screen shots of both programs - first the Outlook version and then the Outlook Express version.

Note: I do not have Outlook on my Windows machine yet, so for know, there's no Outlook screen shots.

Start by firing up you mail client Outlook (Express), and select the account configuration tool.


Click to enlarge

Click to enlarge

Select the Mail tab, and select your afs.nbi.dk mail account, and open the properties of that account. In the properties window, select the Servers tab. In the fields Incoming Mail (POP3), and Outgoing Mail (SMTP), enter localhost.


Click to enlarge

Click to enlarge

Select the Advanced tab. In the Outgoing Mail (SMTP) field type in 2525, and in the Incoming Mail (POP3) field enter 11110.

Now hit OK, and you're set to go.


Click to enlarge

Click to enlarge

Bjorn Nilson & Christian Holm Christensen.
Last modified: Tue Sep 7 11:37:34 CEST 2004