Re: Using GnuPG Keys with PuTTY



Simon,

We have users that have been using pgp/GnuPG for sometime with their
e-mail. We are moving them to a 'common' platform (PC) and are
implementing the SSH client using PuTTY (Thank you). They don't want to
have to manage multiple keys and have read that SSH2 will work with pgp
keys by adding 'PgpKeyName pgpkeyfilename' to their
~.ssh/authorized_keys file.

They really like the way Pageant works.

I would have them generate new keys with puttygen if they could export
the key to use with GnuPG.

SSH2 ver 2.0.13 is the version that introduced support for PGP
authentication

Russ...

Simon Tatham wrote:
Wences <wgrillo@xxxxxxxxx> wrote:
Have you tried puttygen.exe, available from the PuTTY download page?

That won't help: PuTTYgen will cheerfully import keys from OpenSSH
and ssh.com, but doesn't know how to import from GnuPG.

Primarily this is because it has never occurred to us that anyone
would want to. The point of importing a private key from another
program is because it enables you to authenticate to servers which
_already_ trust the corresponding public key; if you instead
generated a fresh key then you'd have to reconfigure the server,
which might be more inconvenient (for example, if there are ten such
servers configured independently). So importing keys from other SSH
clients makes obvious practical sense because SSH servers will often
already be set up to trust those keys; but I've never heard of an
SSH server trusting a GnuPG public key, so I can't see any practical
reason why importing a GnuPG private key into PuTTY would be
preferable to just generating a fresh key.

Perhaps the original poster might shed some light on _why_ his users
want to import GnuPG keys into PuTTY?
--
Simon Tatham "The distinction between the enlightened and the
<anakin@xxxxxxxxx> terminally confused is only apparent to the latter."

.



Relevant Pages

  • OpenSSH 3.0.1p1 Solaris 2.5 - 8.0 Nightmares occuring
    ... I am having some really bad problems trying to upgrade our servers to ... having all kinds of issues with the keys. ... PS Am purchasing O'reilly's SSH book today, hopefully, it will ...
    (comp.security.ssh)
  • Re: SSH ignores locked accounts
    ... >> via SSH still works too. ... > the remote users to use SSH key access rather than password based access, ... This is very useful for master servers that hold authentication ... > of private keys and a designated set of authorized keys for your authorized, ...
    (comp.security.ssh)
  • graceful ssh key management
    ... How do I have multiple ssh keys not overwrite each other, ... I have a computer that is a client to a number of different servers. ...
    (SSH)
  • Re: Opening ports in my firewall
    ... >> only with DSA keys, and not allowing manual password logins. ... - copy the .ssh directory to the new machine, if you control it, or ... Walter Dnes; my email address is *ALMOST* like wzaltdnes@waltdnes.org ...
    (comp.os.linux.security)
  • Re: ssh & X11 Authentication Issue - Advice Please
    ... >I went out and removed my .ssh directory on the mounted file system. ... >my keys are for my machine and anyone of the servers.. ...
    (Debian-User)