Re: Using GnuPG Keys with PuTTY



Simon Tatham wrote:
Wences <wgrillo@xxxxxxxxx> wrote:
Have you tried puttygen.exe, available from the PuTTY download page?

That won't help: PuTTYgen will cheerfully import keys from OpenSSH
and ssh.com, but doesn't know how to import from GnuPG.

Primarily this is because it has never occurred to us that anyone
would want to. The point of importing a private key from another
program is because it enables you to authenticate to servers which
_already_ trust the corresponding public key; if you instead
generated a fresh key then you'd have to reconfigure the server,
which might be more inconvenient (for example, if there are ten such
servers configured independently). So importing keys from other SSH
clients makes obvious practical sense because SSH servers will often
already be set up to trust those keys; but I've never heard of an
SSH server trusting a GnuPG public key, so I can't see any practical
reason why importing a GnuPG private key into PuTTY would be
preferable to just generating a fresh key.

Perhaps the original poster might shed some light on _why_ his users
want to import GnuPG keys into PuTTY?

Probably so that they have one private key identity, and one place to
manage it. I can see some benefit to this but am not sure how it would
work with current ssh implementations. GnuPG keys for example depend on
a web of trust where they are signed by other keys. They can also be
revoked, and they can expire. I don't believe ssh is set up for any of this.

Chuck
.



Relevant Pages

  • Re: possible to realize? (cluster)
    ... You need GnuPG to verify this message ... Let's say we have 30 users, which want to run KDE and do ... All the programs are being executed on the servers, ... The servers share the load equally. ...
    (comp.os.linux.networking)
  • Re: Using GnuPG Keys with PuTTY
    ... servers configured independently). ... So importing keys from other SSH ... clients makes obvious practical sense because SSH servers will often ... SSH server trusting a GnuPG public key, so I can't see any practical ...
    (comp.security.ssh)
  • Re: gpg/pgp noise
    ... Increasing the pool of servers that gpg checks may alleviate ... Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)
  • Re: When do you turn off your Ubuntu boxes?
    ... I don't really care about hunting for any "top uptime" (after all, ... that's what I do have servers for, ... "One dreaming alone, it will be only a dream; ... Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org ...
    (Ubuntu)
  • Re: Using GnuPG Keys with PuTTY
    ... have to manage multiple keys and have read that SSH2 will work with pgp ... but doesn't know how to import from GnuPG. ... servers configured independently). ... So importing keys from other SSH ...
    (comp.security.ssh)