-\versionid $Id: pubkey.but,v 1.18 2002/09/11 17:30:36 jacob Exp $
+\versionid $Id: pubkey.but,v 1.21 2003/01/16 15:43:18 jacob Exp $
\C{pubkey} Using public keys for SSH authentication
agent}, a separate program which holds decrypted private keys and
generates signatures on request. PuTTY's authentication agent is
called Pageant. When you begin a Windows session, you start Pageant
-and load your public key into it (typing your passphrase once). For
+and load your private key into it (typing your passphrase once). For
the rest of your session, you can start PuTTY any number of times
and Pageant will automatically generate signatures without you
having to do anything. When you close your Windows session, Pageant
\cfg{winhelp-topic}{puttygen.keytype}
-Before generating a public key using PuTTYgen, you need to select
+Before generating a key pair using PuTTYgen, you need to select
which type of key you need. PuTTYgen currently supports three types
of key:
Currently 1024 bits should be sufficient for most purposes.
+Note that an RSA key is generated by finding two primes of half the
+length requested, and then multiplying them together. For example,
+if you ask PuTTYgen for a 1024-bit RSA key, it will create two
+512-bit primes and multiply them. The result of this multiplication
+might be 1024 bits long, or it might be only 1023; so you may not
+get the exact length of key you asked for. This is perfectly normal,
+and you do not need to worry. The lengths should only ever differ by
+one, and there is no perceptible drop in security as a result.
+
+DSA keys are not created by multiplying primes together, so they
+should always be exactly the length you asked for.
+
\S{puttygen-generate} The \q{Generate} button
\cfg{winhelp-topic}{puttygen.generate}
box asking you where to save the file. Select a directory, type in a
file name, and press \q{Save}.
-This file is the one you will need to tell PuTTY to use for
-authentication (see \k{config-ssh-privkey}) or tell Pageant to load
-(see \k{pageant-mainwin-addkey}).
+This file is in PuTTY's native format (\c{*.PPK}); it is the one you
+will need to tell PuTTY to use for authentication (see
+\k{config-ssh-privkey}) or tell Pageant to load (see
+\k{pageant-mainwin-addkey}).
\S{puttygen-savepub} Saving your public key to a disk file
Using the \q{Import} command from the \q{Conversions} menu, PuTTYgen
can load SSH2 private keys in OpenSSH's format and \cw{ssh.com}'s
format. Once you have loaded one of these key types, you can then
-save it back out as a PuTTY-format key so that you can use it with
-PuTTY. The passphrase will be unchanged by this process (unless you
-deliberately change it). You may want to change the key comment
-before you save the key, since OpenSSH's SSH2 key format contains no
-space for a comment and \cw{ssh.com}'s default comment format is
-long and verbose.
+save it back out as a PuTTY-format key (\c{*.PPK}) so that you can use
+it with the PuTTY suite. The passphrase will be unchanged by this
+process (unless you deliberately change it). You may want to change
+the key comment before you save the key, since OpenSSH's SSH2 key
+format contains no space for a comment and \cw{ssh.com}'s default
+comment format is long and verbose.
PuTTYgen can also export private keys in OpenSSH format and in
\cw{ssh.com} format. To do so, select one of the \q{Export} options
projects / u / mdw / putty / blobdiff