Re: Using GnuPG Keys with PuTTY



Simon,

We have users that have been using pgp/GnuPG for sometime with their
e-mail. We are moving them to a 'common' platform (PC) and are
implementing the SSH client using PuTTY (Thank you). They don't want to
have to manage multiple keys and have read that SSH2 will work with pgp
keys by adding 'PgpKeyName pgpkeyfilename' to their
~.ssh/authorized_keys file.

They really like the way Pageant works.

I would have them generate new keys with puttygen if they could export
the key to use with GnuPG.

SSH2 ver 2.0.13 is the version that introduced support for PGP
authentication

Russ...

Simon Tatham wrote:
Wences <wgrillo@xxxxxxxxx> wrote:
Have you tried puttygen.exe, available from the PuTTY download page?

That won't help: PuTTYgen will cheerfully import keys from OpenSSH
and ssh.com, but doesn't know how to import from GnuPG.

Primarily this is because it has never occurred to us that anyone
would want to. The point of importing a private key from another
program is because it enables you to authenticate to servers which
_already_ trust the corresponding public key; if you instead
generated a fresh key then you'd have to reconfigure the server,
which might be more inconvenient (for example, if there are ten such
servers configured independently). So importing keys from other SSH
clients makes obvious practical sense because SSH servers will often
already be set up to trust those keys; but I've never heard of an
SSH server trusting a GnuPG public key, so I can't see any practical
reason why importing a GnuPG private key into PuTTY would be
preferable to just generating a fresh key.

Perhaps the original poster might shed some light on _why_ his users
want to import GnuPG keys into PuTTY?
--
Simon Tatham "The distinction between the enlightened and the
<anakin@xxxxxxxxx> terminally confused is only apparent to the latter."

.