X-Git-Url: https://git.distorted.org.uk/~mdw/sgt/putty/blobdiff_plain/0906628e0ded30ff634dbdae331d310940928650..aab91a3e141d0ced1568fe0c5f3f562d2549d34a:/doc/pubkey.but

diff --git a/doc/pubkey.but b/doc/pubkey.but
index 987a876f..87eb2fef 100644
--- a/doc/pubkey.but
+++ b/doc/pubkey.but
@@ -1,4 +1,4 @@
-\versionid $Id: pubkey.but,v 1.12 2001/12/12 18:45:56 simon Exp $
+\versionid $Id: pubkey.but,v 1.18 2002/09/11 17:30:36 jacob Exp $
 
 \C{pubkey} Using public keys for SSH authentication
 
@@ -63,10 +63,12 @@ supported by PuTTY are described in \k{puttygen-keytype}.
 
 \H{pubkey-puttygen} Using PuTTYgen, the PuTTY key generator
 
+\cfg{winhelp-topic}{puttygen.general}
+
 PuTTYgen is a key generator. It generates pairs of public and private
 keys to be used with PuTTY, PSCP, and Plink, as well as the PuTTY
 authentication agent, Pageant (see \k{pageant}).  PuTTYgen generates
-RSA keys.
+RSA and DSA keys.
 
 When you run PuTTYgen you will see a window where you have two
 choices: \q{Generate}, to generate a new public/private key pair, or
@@ -328,6 +330,45 @@ find your key file. Once you select the file, PuTTYgen will ask you
 for a passphrase (if necessary) and will then display the key
 details in the same way as if it had just generated the key.
 
+If you use the Load command to load a foreign key format, it will
+work, but you will see a message box warning you that the key you
+have loaded is not a PuTTY native key. See \k{puttygen-conversions}
+for information about importing foreign key formats.
+
+\S{puttygen-conversions} Dealing with private keys in other formats
+
+\cfg{winhelp-topic}{puttygen.conversions}
+
+Most SSH1 clients use a standard format for storing private keys on
+disk. PuTTY uses this format as well; so if you have generated an
+SSH1 private key using OpenSSH or \cw{ssh.com}'s client, you can use
+it with PuTTY, and vice versa.
+
+However, SSH2 private keys have no standard format. OpenSSH and
+\cw{ssh.com} have different formats, and PuTTY's is different again.
+So a key generated with one client cannot immediately be used with
+another.
+
+Using the \q{Import} command from the \q{Conversions} menu, PuTTYgen
+can load SSH2 private keys in OpenSSH's format and \cw{ssh.com}'s
+format. Once you have loaded one of these key types, you can then
+save it back out as a PuTTY-format key so that you can use it with
+PuTTY. The passphrase will be unchanged by this process (unless you
+deliberately change it). You may want to change the key comment
+before you save the key, since OpenSSH's SSH2 key format contains no
+space for a comment and \cw{ssh.com}'s default comment format is
+long and verbose.
+
+PuTTYgen can also export private keys in OpenSSH format and in
+\cw{ssh.com} format. To do so, select one of the \q{Export} options
+from the \q{Conversions} menu. Exporting a key works exactly like
+saving it (see \k{puttygen-savepriv}) - you need to have typed your
+passphrase in beforehand, and you will be warned if you are about to
+save a key without a passphrase.
+
+Note that since only SSH2 keys come in different formats, the export
+options are not available if you have generated an SSH1 key.
+
 \H{pubkey-gettingready} Getting ready for public key authentication
 
 Connect to your SSH server using PuTTY with the SSH protocol. When the
@@ -337,13 +378,13 @@ accept your public key for authentication:
 
 \b If your server is using the SSH 1 protocol, you should change
 into the \c{.ssh} directory and open the file \c{authorized_keys}
-with your favorite editor. (You may have to create this file if this
-is the first key you have put in it). Then switch to the PuTTYgen
-window, select all of the text in the \q{Public key for pasting into
-authorized_keys file} box (see \k{puttygen-pastekey}), and copy it
-to the clipboard (\c{Ctrl+C}). Then, switch back to the PuTTY window
-and insert the data into the open file, making sure it ends up all
-on one line. Save the file.
+with your favourite editor. (You may have to create this file if
+this is the first key you have put in it). Then switch to the
+PuTTYgen window, select all of the text in the \q{Public key for
+pasting into authorized_keys file} box (see \k{puttygen-pastekey}),
+and copy it to the clipboard (\c{Ctrl+C}). Then, switch back to the
+PuTTY window and insert the data into the open file, making sure it
+ends up all on one line. Save the file.
 
 \b If your server is OpenSSH and is using the SSH 2 protocol, you
 should follow the same instructions, except that in earlier versions
@@ -372,11 +413,14 @@ such as
 
 Your server should now be configured to accept authentication using
 your private key. Now you need to configure PuTTY to \e{attempt}
-authentication using your private key. You can do this in either of
-two ways:
+authentication using your private key. You can do this in any of
+three ways:
 
 \b Select the private key in PuTTY's configuration. See
 \k{config-ssh-privkey} for details.
 
+\b Specify the key file on the command line with the \c{-i} option.
+See \k{using-cmdline-identity} for details.
+
 \b Load the private key into Pageant (see \k{pageant}). In this case
 PuTTY will automatically try to use it for authentication if it can.