-\versionid $Id: pubkey.but,v 1.13 2001/12/14 09:58:07 simon Exp $
+\versionid $Id: pubkey.but,v 1.18 2002/09/11 17:30:36 jacob Exp $
\C{pubkey} Using public keys for SSH authentication
\H{pubkey-puttygen} Using PuTTYgen, the PuTTY key generator
+\cfg{winhelp-topic}{puttygen.general}
+
PuTTYgen is a key generator. It generates pairs of public and private
keys to be used with PuTTY, PSCP, and Plink, as well as the PuTTY
authentication agent, Pageant (see \k{pageant}). PuTTYgen generates
-RSA keys.
+RSA and DSA keys.
When you run PuTTYgen you will see a window where you have two
choices: \q{Generate}, to generate a new public/private key pair, or
for a passphrase (if necessary) and will then display the key
details in the same way as if it had just generated the key.
+If you use the Load command to load a foreign key format, it will
+work, but you will see a message box warning you that the key you
+have loaded is not a PuTTY native key. See \k{puttygen-conversions}
+for information about importing foreign key formats.
+
+\S{puttygen-conversions} Dealing with private keys in other formats
+
+\cfg{winhelp-topic}{puttygen.conversions}
+
+Most SSH1 clients use a standard format for storing private keys on
+disk. PuTTY uses this format as well; so if you have generated an
+SSH1 private key using OpenSSH or \cw{ssh.com}'s client, you can use
+it with PuTTY, and vice versa.
+
+However, SSH2 private keys have no standard format. OpenSSH and
+\cw{ssh.com} have different formats, and PuTTY's is different again.
+So a key generated with one client cannot immediately be used with
+another.
+
+Using the \q{Import} command from the \q{Conversions} menu, PuTTYgen
+can load SSH2 private keys in OpenSSH's format and \cw{ssh.com}'s
+format. Once you have loaded one of these key types, you can then
+save it back out as a PuTTY-format key so that you can use it with
+PuTTY. The passphrase will be unchanged by this process (unless you
+deliberately change it). You may want to change the key comment
+before you save the key, since OpenSSH's SSH2 key format contains no
+space for a comment and \cw{ssh.com}'s default comment format is
+long and verbose.
+
+PuTTYgen can also export private keys in OpenSSH format and in
+\cw{ssh.com} format. To do so, select one of the \q{Export} options
+from the \q{Conversions} menu. Exporting a key works exactly like
+saving it (see \k{puttygen-savepriv}) - you need to have typed your
+passphrase in beforehand, and you will be warned if you are about to
+save a key without a passphrase.
+
+Note that since only SSH2 keys come in different formats, the export
+options are not available if you have generated an SSH1 key.
+
\H{pubkey-gettingready} Getting ready for public key authentication
Connect to your SSH server using PuTTY with the SSH protocol. When the
Your server should now be configured to accept authentication using
your private key. Now you need to configure PuTTY to \e{attempt}
-authentication using your private key. You can do this in either of
-two ways:
+authentication using your private key. You can do this in any of
+three ways:
\b Select the private key in PuTTY's configuration. See
\k{config-ssh-privkey} for details.
+\b Specify the key file on the command line with the \c{-i} option.
+See \k{using-cmdline-identity} for details.
+
\b Load the private key into Pageant (see \k{pageant}). In this case
PuTTY will automatically try to use it for authentication if it can.