-\versionid $Id: pubkey.but,v 1.20 2002/12/27 16:54:14 simon Exp $
+\define{versionidpubkey} \versionid $Id$
\C{pubkey} Using public keys for SSH authentication
PuTTYgen later (see \k{puttygen-load}) and the public key will be
available for copying and pasting again.
-\k{pubkey-gettingready} describes the typical process of configuring
+\K{pubkey-gettingready} describes the typical process of configuring
PuTTY to attempt public-key authentication, and configuring your SSH
server to accept it.
box asking you where to save the file. Select a directory, type in a
file name, and press \q{Save}.
-This file is the one you will need to tell PuTTY to use for
-authentication (see \k{config-ssh-privkey}) or tell Pageant to load
-(see \k{pageant-mainwin-addkey}).
+This file is in PuTTY's native format (\c{*.PPK}); it is the one you
+will need to tell PuTTY to use for authentication (see
+\k{config-ssh-privkey}) or tell Pageant to load (see
+\k{pageant-mainwin-addkey}).
\S{puttygen-savepub} Saving your public key to a disk file
Using the \q{Import} command from the \q{Conversions} menu, PuTTYgen
can load SSH2 private keys in OpenSSH's format and \cw{ssh.com}'s
format. Once you have loaded one of these key types, you can then
-save it back out as a PuTTY-format key so that you can use it with
-PuTTY. The passphrase will be unchanged by this process (unless you
-deliberately change it). You may want to change the key comment
-before you save the key, since OpenSSH's SSH2 key format contains no
-space for a comment and \cw{ssh.com}'s default comment format is
-long and verbose.
+save it back out as a PuTTY-format key (\c{*.PPK}) so that you can use
+it with the PuTTY suite. The passphrase will be unchanged by this
+process (unless you deliberately change it). You may want to change
+the key comment before you save the key, since OpenSSH's SSH2 key
+format contains no space for a comment and \cw{ssh.com}'s default
+comment format is long and verbose.
PuTTYgen can also export private keys in OpenSSH format and in
\cw{ssh.com} format. To do so, select one of the \q{Export} options
You may also need to ensure that your home directory, your \c{.ssh}
directory, and any other files involved (such as
\c{authorized_keys}, \c{authorized_keys2} or \c{authorization}) are
-not group-writable. You can typically do this by using a command
-such as
+not group-writable or world-writable. You can typically do this by
+using a command such as
-\c chmod g-w $HOME $HOME/.ssh $HOME/.ssh/authorized_keys
+\c chmod go-w $HOME $HOME/.ssh $HOME/.ssh/authorized_keys
Your server should now be configured to accept authentication using
your private key. Now you need to configure PuTTY to \e{attempt}