![]() ![]() For example, you might run Pageant like this (with your own username substituted, of course): To refer to this file from your main OpenSSH configuration, you can use the Include directive. The option is -openssh-config, and you follow it with a filename. If you include this file from your Windows SSH configuration, then ssh.exe should automatically use Pageant as its agent, so that you can keep your keys in one place and have both SSH clients able to use them. When Pageant starts up, it can optionally write out a file containing an OpenSSH configuration directive that tells the Windows ssh.exe where to find Pageant. This means that Windows OpenSSH can talk directly to Pageant, if it knows where to find Pageant’s named pipe. Windows’s own port of OpenSSH uses the same mechanism as Pageant to talk to its SSH agent (Windows named pipes). The state of deferred decryption, if enabled for this key.That way you can tell two certificates apart. You can instead use the Fingerprint type drop-down to ask for a different fingerprint to be shown for certified keys, which includes the certificate as part of the fingerprinted data. This way, a certified and uncertified version of the same key will have the same fingerprint, so you can see that they match. If some of the keys loaded into Pageant have certificates attached, then Pageant will default to showing the fingerprint of the underlying key. You can change to the older MD5 format (which looks like aa:bb:cc:…) with the Fingerprint type drop-down, but bear in mind that this format is less secure and should be avoided for comparison purposes where possible. This should be the same fingerprint given by PuTTYgen, and also the same fingerprint shown by remote utilities such as ssh-keygen when applied to your authorized_keys file.īy default this is shown in the SHA-256 format. ![]() (For ECDSA NIST keys, this is indicated as p256 or p384 or p521.) The size (in bits) of the key, for key types that come in different sizes.(If the key has an associated certificate, this is shown here with a cert suffix.) Currently, this can be RSA, DSA, NIST (an ECDSA key), Ed25519, Ed448, or SSH-1 (an RSA key for use with the deprecated SSH-1 protocol, not supported by WinSCP). If you want Pageant to stay running but forget all the keys it has acquired, select Remove All Keys from the System tray menu.įor each key, the list box will tell you: ![]() Closing the Pageant main window does not shut down Pageant. When you want to shut down Pageant, click the right button on the Pageant icon in the System tray, and select Exit from the menu. WinSCP can be configured not to try to use Pageant, but it will try by default. You can now open as many WinSCP sessions as you like without having to type your passphrase again. WinSCP will notice that Pageant is running, retrieve the key automatically from Pageant, and use it to authenticate. Now start WinSCP and open an SSH session to a site that accepts your key. When the key has been loaded, it will appear in the list in the Pageant window. If the key is protected by a passphrase, Pageant will ask you to type the passphrase. Find your private key file in this dialog, and press Open. Pageant will bring up a file dialog, labelled Select Private Key File. To add a key to Pageant, press the Add Key button. After you add one or more keys, they will show up in the list box. When you start Pageant, it has no keys, so the list box will be empty. This shows the private keys Pageant is holding. (You can also bring this window up by double-clicking on the Pageant icon.) If you click the Pageant icon with the right mouse button, you will see a menu. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |