Re: Using GnuPG Keys with PuTTY



Simon Tatham wrote:
Wences <wgrillo@xxxxxxxxx> wrote:
Have you tried puttygen.exe, available from the PuTTY download page?

That won't help: PuTTYgen will cheerfully import keys from OpenSSH
and ssh.com, but doesn't know how to import from GnuPG.

Primarily this is because it has never occurred to us that anyone
would want to. The point of importing a private key from another
program is because it enables you to authenticate to servers which
_already_ trust the corresponding public key; if you instead
generated a fresh key then you'd have to reconfigure the server,
which might be more inconvenient (for example, if there are ten such
servers configured independently). So importing keys from other SSH
clients makes obvious practical sense because SSH servers will often
already be set up to trust those keys; but I've never heard of an
SSH server trusting a GnuPG public key, so I can't see any practical
reason why importing a GnuPG private key into PuTTY would be
preferable to just generating a fresh key.

Perhaps the original poster might shed some light on _why_ his users
want to import GnuPG keys into PuTTY?

Probably so that they have one private key identity, and one place to
manage it. I can see some benefit to this but am not sure how it would
work with current ssh implementations. GnuPG keys for example depend on
a web of trust where they are signed by other keys. They can also be
revoked, and they can expire. I don't believe ssh is set up for any of this.

Chuck
.