Re: Using GnuPG Keys with PuTTY

"Chuck" == Chuck <skilover_nospam@xxxxxxxxxxxxxx> writes:

Chuck> Simon Tatham wrote:
>> Wences <wgrillo@xxxxxxxxx> wrote:
>>> Have you tried puttygen.exe, available from the PuTTY download
>>> page?
>> That won't help: PuTTYgen will cheerfully import keys from OpenSSH
>> and ssh.com, but doesn't know how to import from GnuPG.
>>
>> Primarily this is because it has never occurred to us that anyone
>> would want to. The point of importing a private key from another
>> program is because it enables you to authenticate to servers which
>> _already_ trust the corresponding public key; if you instead
>> generated a fresh key then you'd have to reconfigure the server,
>> which might be more inconvenient (for example, if there are ten
>> such servers configured independently). So importing keys from
>> other SSH clients makes obvious practical sense because SSH servers
>> will often already be set up to trust those keys; but I've never
>> heard of an SSH server trusting a GnuPG public key, so I can't see
>> any practical reason why importing a GnuPG private key into PuTTY
>> would be preferable to just generating a fresh key.
>>
>> Perhaps the original poster might shed some light on _why_ his
>> users want to import GnuPG keys into PuTTY?

Chuck> Probably so that they have one private key identity, and one
Chuck> place to manage it. I can see some benefit to this but am not
Chuck> sure how it would work with current ssh implementations. GnuPG
Chuck> keys for example depend on a web of trust where they are signed
Chuck> by other keys. They can also be revoked, and they can expire. I
Chuck> don't believe ssh is set up for any of this.

Chuck> Chuck

The Tectia Unix ssh client (ssh.com) can use GPG-format keys for user
authentication, on both the client and server sides.

--
Richard Silverman
res@xxxxxxxx

.

Relevant Pages

  • OpenSSH 3.0.1p1 Solaris 2.5 - 8.0 Nightmares occuring
    ... I am having some really bad problems trying to upgrade our servers to ... having all kinds of issues with the keys. ... PS Am purchasing O'reilly's SSH book today, hopefully, it will ...
    (comp.security.ssh)
  • Re: SSH ignores locked accounts
    ... >> via SSH still works too. ... > the remote users to use SSH key access rather than password based access, ... This is very useful for master servers that hold authentication ... > of private keys and a designated set of authorized keys for your authorized, ...
    (comp.security.ssh)
  • graceful ssh key management
    ... How do I have multiple ssh keys not overwrite each other, ... I have a computer that is a client to a number of different servers. ...
    (SSH)
  • Re: ssh & X11 Authentication Issue - Advice Please
    ... >I went out and removed my .ssh directory on the mounted file system. ... >my keys are for my machine and anyone of the servers.. ...
    (Debian-User)
  • Re: Connect with null passphrases
    ... Be sure to check that under the SSH server configuration for remote and local machines, the option regarding the use of SSH keys is enabled. ... I changed to *NP* the password field of /etc/shadow for the fictitious users on the servers the cron jobs connect to, ... those servers to which the cron job tries to connect to as a real user, who has a real password, does not allow ssh connections with null passphrases. ...
    (SSH)