Using the most recent version 2.2.1 of Gpg4win, the GnuPG distribution for Windows, you are able to use your GPG keys for SSH authentication.
In this post, I will show how to set up your environment to do exactly that: use your GPG keys for SSH authentication with PuTTY.
I assume that you have already
GPG now acts just like pageant
With the current version, Gpg4win contains a gpg-agent that can replace putty’s pageant. Gpg-agent will run as a background-process and will manage your gpg-keys. It will provide the necessary information needed by putty to perform an ssh-login.
But some configuration needs to be made first. The configuration file is located in a subdirectory of your user-directory:
If gpg-agent.conf does not exist, create it with a text editor. Add the following code-line:
Now, save and close gpg-agent.conf. There are more options available, see the documentation at gnupg.org for details.
Now you can open a Windows command shell and run gpg-agent --daemon. Make sure that gpg-agent.exe is covered by your PATH environment variable.
The agent should start and show something similar to this:
Now your gpg-agent is running in the background and holds your private gpg key for authentication. The next step would be to convert your public gpg key into a public ssh-key and store it on the server in your ~/.ssh/authorized_keys file. If your client machine ran Linux or Mac OS X, everything would be fine. There, you would have a command-line tool called gpgkey2ssh, which conveniently converts gpg-keys into compatible ssh-keys.
But Gpg4win does not provide this tool. There is no gpgkey2ssh.exe. Bummer!!!
So, as a matter of fact, we are fragged.
You can still log in with putty to the ssh-server now, but you will be asked for your account password all the time. One of SSH’s big advantages, in my opinion, is that this password-request during logins is omitted.
It would be great if Gpg4win added gpgkey2ssh.exe.
I have tried to build GnuPG myself in a cygwin environment. It took me some time, but in the end it worked and that build contained a gpgkey2ssh.exe. But it ran only within the cygwin shell. That’s not a solution I would recommend to everyone.
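To make the missing conversion step concrete, here is an added example (not code from this post, from GnuPG or from gpgkey2ssh) of what turning an RSA GPG public key into an ~/.ssh/authorized_keys line involves. It assumes you already have the body of a version 4 OpenPGP public-key or public-subkey packet with its packet header stripped; the function names and the tiny sample key are constructed for illustration.

```python
import base64
import struct

def read_mpi(buf, pos):
    """OpenPGP MPI (RFC 4880, 3.2): 2-byte bit count, then big-endian magnitude."""
    (bits,) = struct.unpack_from(">H", buf, pos)
    size = (bits + 7) // 8
    start = pos + 2
    if start + size > len(buf):
        raise ValueError("truncated MPI")
    return int.from_bytes(buf[start:start + size], "big"), start + size

def rsa_from_key_body(body):
    """Return (n, e) from a v4 key packet body: version, 4-byte time, algorithm, MPIs."""
    if len(body) < 6 or body[0] != 4:
        raise ValueError("only version 4 key packets are handled")
    if body[5] not in (1, 3):  # 1 = RSA, 3 = RSA sign-only
        raise ValueError("not an RSA key (algorithm %d)" % body[5])
    n, pos = read_mpi(body, 6)
    e, _ = read_mpi(body, pos)
    return n, e

def ssh_string(data):
    """SSH string (RFC 4251, 5): 4-byte length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def ssh_mpint(value):
    """SSH mpint: minimal two's complement, so a set top bit needs a 0x00 prefix."""
    raw = value.to_bytes(value.bit_length() // 8 + 1, "big") if value else b""
    return ssh_string(raw)

def authorized_keys_line(n, e, comment):
    """Build the 'ssh-rsa <base64> <comment>' line; note SSH stores e before n."""
    blob = ssh_string(b"ssh-rsa") + ssh_mpint(e) + ssh_mpint(n)
    return "ssh-rsa %s %s" % (base64.b64encode(blob).decode("ascii"), comment)

# Constructed sample, not a real key: 32-bit toy modulus, e = 65537.
SAMPLE_BODY = bytes.fromhex("045f000000010020d1a57b3f0011010001")

if __name__ == "__main__":
    n, e = rsa_from_key_body(SAMPLE_BODY)
    print(authorized_keys_line(n, e, "constructed-example"))
```

The two formats store the same numbers differently: OpenPGP prefixes each integer with a bit count and puts n first, while the SSH blob uses byte lengths, pads a leading zero byte when the top bit is set, and puts e first.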