mdw@git.distorted.org.uk Git - sgt/putty/blob - doc/pageant.but

   1 \C{pageant} Using Pageant for authentication
   2
   3 Pageant is an SSH authentication agent. It holds your private keys
   4 in memory, already decoded, so that you can use them often without
   5 needing to type a passphrase.
   6
   7 Currently, Pageant only works with SSH v1.
   8
   9 \H{pageant-start} Getting started with Pageant
  10
  11 Before you run Pageant, you need to have a private key. See
  12 \k{pubkey} to find out how to generate and use one.
  13
  14 When you run Pageant, it will put an icon of a computer wearing a
  15 hat into the System tray. It will then sit and do nothing.
  16
  17 If you click the Pageant icon with the right mouse button, you will
  18 see a menu. Select \e{View Keys} from this menu. The Pageant main
  19 window will appear. (You can also bring this window up by
  20 double-clicking on the Pageant icon.)
  21
  22 The Pageant window contains a list box. This shows the private keys
  23 Pageant is holding. When you start Pageant, it has no keys, so the
  24 list box will be empty.
  25
  26 To add a key to Pageant, press the \e{Add Key} button. Pageant will
  27 bring up a file dialog, labelled \q{Select Private Key File}. Find
  28 your private key file in this dialog, and press \e{Open}.
  29
  30 Pageant will now load the private key. If the key is protected by a
  31 passphrase, Pageant will ask you to type the passphrase. When the
  32 key has been loaded, it will appear in the list in the Pageant
  33 window.
  34
  35 Now start PuTTY and open an SSH session to a site that accepts your
  36 key. PuTTY will notice that Pageant is running, retrieve the key
  37 automatically from Pageant, and use it to authenticate. You can now
  38 open as many PuTTY sessions as you like without having to type your
  39 passphrase again.
  40
  41 When you want to shut down Pageant, click the right button on the
  42 Pageant icon in the System tray, and select \e{Exit} from the menu.
  43 Closing the Pageant main window does \e{not} shut down Pageant.
  44
  45 \H{pageant-forward} Using agent forwarding
  46
  47 \# Walk the user through enabling agent forwarding and starting a
  48 \# second-level session.
  49
  50 \# Demonstrate the use of ssh-add at the remote end.
  51
  52 \H{pageant-security} Security considerations
  53
  54 \# Explain that local use of Pageant allows you convenient one-touch
  55 \# authentication without ever storing a decrypted key on disk
  56
  57 \# Explain that, despite this, it still doesn't protect you against
  58 \# your local machine being hacked (swap files, but more importantly
  59 \# trojans)
  60
  61 \# Explain that forwarding agent connections to a remote site
  62 \# can be abused by the sysadmin of that site, so you'd better know
  63 \# you can trust them