projects / u / mdw / putty / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Miscellaneous small documentation tweaks.
[u/mdw/putty] / doc / pageant.but
1 \C{pageant} Using Pageant for authentication
2
3 Pageant is an SSH authentication agent. It holds your private keys
4 in memory, already decoded, so that you can use them often without
5 needing to type a passphrase.
6
7 \H{pageant-start} Getting started with Pageant
8
9 Before you run Pageant, you need to have a private key. See
10 \k{pubkey} to find out how to generate and use one.
11
12 When you run Pageant, it will put an icon of a computer wearing a
13 hat into the System tray. It will then sit and do nothing.
14
15 If you click the Pageant icon with the right mouse button, you will
16 see a menu. Select \e{View Keys} from this menu. The Pageant main
17 window will appear. (You can also bring this window up by
18 double-clicking on the Pageant icon.)
19
20 The Pageant window contains a list box. This shows the private keys
21 Pageant is holding. When you start Pageant, it has no keys, so the
22 list box will be empty.
23
24 To add a key to Pageant, press the \e{Add Key} button. Pageant will
25 bring up a file dialog, labelled \q{Select Private Key File}. Find
26 your private key file in this dialog, and press \e{Open}.
27
28 Pageant will now load the private key. If the key is protected by a
29 passphrase, Pageant will ask you to type the passphrase. When the
30 key has been loaded, it will appear in the list in the Pageant
31 window.
32
33 Now start PuTTY and open an SSH session to a site that accepts your
34 key. PuTTY will notice that Pageant is running, retrieve the key
35 automatically from Pageant, and use it to authenticate. You can now
36 open as many PuTTY sessions as you like without having to type your
37 passphrase again.
38
39 When you want to shut down Pageant, click the right button on the
40 Pageant icon in the System tray, and select \e{Exit} from the menu.
41 Closing the Pageant main window does \e{not} shut down Pageant.
42
43 \H{pageant-forward} Using agent forwarding
44
45 \# Walk the user through enabling agent forwarding and starting a
46 \# second-level session.
47
48 \# Demonstrate the use of ssh-add at the remote end.
49
50 \H{pageant-security} Security considerations
51
52 \# Explain that local use of Pageant allows you convenient one-touch
53 \# authentication without ever storing a decrypted key on disk
54
55 \# Explain that, despite this, it still doesn't protect you against
56 \# your local machine being hacked (swap files, but more importantly
57 \# trojans)
58
59 \# Explain that forwarding agent connections to a remote site
60 \# can be abused by the sysadmin of that site, so you'd better know
61 \# you can trust them
Local modifications for Simon Tatham's `PuTTY' SSH client and terminal emulator