-\versionid $Id: pubkey.but,v 1.12 2001/12/12 18:45:56 simon Exp $
+\versionid $Id: pubkey.but,v 1.18 2002/09/11 17:30:36 jacob Exp $
\C{pubkey} Using public keys for SSH authentication
\H{pubkey-puttygen} Using PuTTYgen, the PuTTY key generator
+\cfg{winhelp-topic}{puttygen.general}
+
PuTTYgen is a key generator. It generates pairs of public and private
keys to be used with PuTTY, PSCP, and Plink, as well as the PuTTY
authentication agent, Pageant (see \k{pageant}). PuTTYgen generates
-RSA keys.
+RSA and DSA keys.
When you run PuTTYgen you will see a window where you have two
choices: \q{Generate}, to generate a new public/private key pair, or
for a passphrase (if necessary) and will then display the key
details in the same way as if it had just generated the key.
+If you use the Load command to load a foreign key format, it will
+work, but you will see a message box warning you that the key you
+have loaded is not a PuTTY native key. See \k{puttygen-conversions}
+for information about importing foreign key formats.
+
+\S{puttygen-conversions} Dealing with private keys in other formats
+
+\cfg{winhelp-topic}{puttygen.conversions}
+
+Most SSH1 clients use a standard format for storing private keys on
+disk. PuTTY uses this format as well; so if you have generated an
+SSH1 private key using OpenSSH or \cw{ssh.com}'s client, you can use
+it with PuTTY, and vice versa.
+
+However, SSH2 private keys have no standard format. OpenSSH and
+\cw{ssh.com} have different formats, and PuTTY's is different again.
+So a key generated with one client cannot immediately be used with
+another.
+
+Using the \q{Import} command from the \q{Conversions} menu, PuTTYgen
+can load SSH2 private keys in OpenSSH's format and \cw{ssh.com}'s
+format. Once you have loaded one of these key types, you can then
+save it back out as a PuTTY-format key so that you can use it with
+PuTTY. The passphrase will be unchanged by this process (unless you
+deliberately change it). You may want to change the key comment
+before you save the key, since OpenSSH's SSH2 key format contains no
+space for a comment and \cw{ssh.com}'s default comment format is
+long and verbose.
+
+PuTTYgen can also export private keys in OpenSSH format and in
+\cw{ssh.com} format. To do so, select one of the \q{Export} options
+from the \q{Conversions} menu. Exporting a key works exactly like
+saving it (see \k{puttygen-savepriv}) - you need to have typed your
+passphrase in beforehand, and you will be warned if you are about to
+save a key without a passphrase.
+
+Note that since only SSH2 keys come in different formats, the export
+options are not available if you have generated an SSH1 key.
+
\H{pubkey-gettingready} Getting ready for public key authentication
Connect to your SSH server using PuTTY with the SSH protocol. When the
\b If your server is using the SSH 1 protocol, you should change
into the \c{.ssh} directory and open the file \c{authorized_keys}
-with your favorite editor. (You may have to create this file if this
-is the first key you have put in it). Then switch to the PuTTYgen
-window, select all of the text in the \q{Public key for pasting into
-authorized_keys file} box (see \k{puttygen-pastekey}), and copy it
-to the clipboard (\c{Ctrl+C}). Then, switch back to the PuTTY window
-and insert the data into the open file, making sure it ends up all
-on one line. Save the file.
+with your favourite editor. (You may have to create this file if
+this is the first key you have put in it). Then switch to the
+PuTTYgen window, select all of the text in the \q{Public key for
+pasting into authorized_keys file} box (see \k{puttygen-pastekey}),
+and copy it to the clipboard (\c{Ctrl+C}). Then, switch back to the
+PuTTY window and insert the data into the open file, making sure it
+ends up all on one line. Save the file.
\b If your server is OpenSSH and is using the SSH 2 protocol, you
should follow the same instructions, except that in earlier versions
Your server should now be configured to accept authentication using
your private key. Now you need to configure PuTTY to \e{attempt}
-authentication using your private key. You can do this in either of
-two ways:
+authentication using your private key. You can do this in any of
+three ways:
\b Select the private key in PuTTY's configuration. See
\k{config-ssh-privkey} for details.
+\b Specify the key file on the command line with the \c{-i} option.
+See \k{using-cmdline-identity} for details.
+
\b Load the private key into Pageant (see \k{pageant}). In this case
PuTTY will automatically try to use it for authentication if it can.
projects / u / mdw / putty / blobdiff