Previous | Contents | Next

Section 6.2: PuTTYgen: Key generator for PuTTY

PuTTYgen is a key generator. It generates pairs of public and private keys to be used with PuTTY, PSCP, and Plink, as well as the PuTTY authentication agent, Pageant (see chapter 7). PuTTYgen generates RSA keys.

When you run PuTTYgen you will see a window where you have two choices: Generate new public/private key pair or Load an existing private key.

6.2.1 Generate a new key

Before generating a new key you have to choose the strength of the encryption, and the type of the key (see section 6.1.1). With Parameters you define the strength of the key. The default of 1024 should be OK for most users.

Pressing the Generate button starts the process of generating a new key pair. You then have to move the mouse over the blank area in order to generate random data for the algorithm. Continue until the progress bar is complete.

As soon as enough random data is available the key is generated. This may take a little while, especially on slow machines. Once the key is generated, its details appear in the Key part of the PuTTYgen window.

Now you can change the Key comment to something more meaningful than the default (which is based on the current date). e.g. add the name of the host you will use it for. When using multiple keys a meaningful comment may help you remember which passphrase to use! You should always enter a Key passphrase and Confirm passphrase to protect your keys.

Finally save the key by pressing the Save button. Do not close the window but proceed with step section 6.2.3, otherwise you will have to Load the private key again as described below.

6.2.2 Load and modify a key

PuTTYgen does not store the public key in a file by default. If you have to distribute the public key you can press the Load button, select the private key file, and PuTTYgen will give you the public key again. You can also change the comment and passphrase for your private key this way. Just modify the values and Save the key.

6.2.3 Getting ready for public key authentication

Connect to your SSH server using PuTTY with the SSH protocol. When the connection succeeds you will be prompted for your user name and password to login. Once logged in, you must configure the server to accept your public key for authentication:

From now on you should be able to use the private key for authentication to this host. Either select the private key in PuTTY's Connection, SSH panel: Private key file for authentication dialog or use it with Pageant as described in chapter 7.

Previous | Contents | Next


Comments to putty@projects.tartarus.org
[$Id: pubkey.but,v 1.6 2001/09/25 19:59:14 simon Exp $]