[Gpg4win-users-en] [GPG Agent + PuTTY] unable to use PuTTY + gpg-agent + Authentication subkey

Christophe Brocas christophe.brocas at cnamts.fr
Fri Nov 22 13:49:13 CET 2013


On 04/11/2013 09:44, Christophe Brocas wrote:
>
> On 25/10/2013 19:28, Werner Koch wrote:
> > Hi Christophe,
>
> > I know that the use of putty is not very comfortable.  This is mostly
> > related to the fact that I never use Windows as a client to access my
> > servers.  Actually I would more love to have a usable sshd on Windows.
>
> > I did my tests using a smartcard because that is really easy as there is
> > no need for configuration files.  Another test I did was to use an
> > existing ssh key from my Unix box:
>
> > The keys which are working on Unix are all listed in
> > ~/.gnupg/sshcontrol.  Copy the relevant lines to an sshcontrol file on
> > Windows ("gpgconf --list-dirs" shows the home/conf directory) and then
> > copy the file ~/.gnupg/private-keys-v1.d/ABCD...EF.key (The keygrip as
> > listed in sshcontrol) to the private-keys-v1-v1.d directory on the
> > Windows box.  Now Putty should be able to connect to any machine you are
> > able to connect from your Unix account.
>
>
> > Shalom-Salam,
>
> >    Werner
>
> Hello
>
> Back from a week offline. Thank you for the support. I will test these elements
> tomorrow or on Wednesday.
>
> I should also test with a smartcard (through a USB reader like the Gemalto one) but
> I have to acquire them and set them up.

Feedback to the list:

I finally chose to acquire two smartcards from Kernelconcepts and a Gemalto USB
token.

After putting my keys on the smartcard, I managed to get the SSH connection
with PuTTY working (in GPA, with backend-preferences > GPG Agent set to
"enable-putty-support"): it just works.

I just encounter some problems when I unplug/replug my Gemalto USB token and/or
log out/log in.

I have not yet found an automatic, robust solution. For the moment, when I
encounter a problem, I restart the agent *manually* through gpg-connect-agent.exe
killagent /bye, then launch it through gpg-connect-agent.exe /bye.

I am going to try to find a more robust solution :)

Thank you for the support
Christophe
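
A check for the sshcontrol procedure Werner describes in the quoted text, as an added example that is not part of the original thread or of GnuPG: it parses sshcontrol (40-hex-digit keygrip, optional TTL, optional flags, and a "!" prefix for a disabled entry, as in the gpg-agent documentation) and reports enabled keygrips that have no matching .key file in private-keys-v1.d. The function names and the sample keygrips are constructed for illustration; on a real machine, pass missing_keys() the home directory that "gpgconf --list-dirs" shows.

```python
import re
import tempfile
from pathlib import Path

KEYGRIP = re.compile(r"[0-9A-F]{40}")

# Constructed keygrips and sshcontrol content (not real keys).
GRIP_A, GRIP_B, GRIP_C = "A1" * 20, "B2" * 20, "C3" * 20
SAMPLE = f"""# Key copied from the Unix box
{GRIP_A} 0 confirm
{GRIP_B}
!{GRIP_C} 600
"""

def parse_sshcontrol(text):
    """Return (keygrip, enabled, ttl, flags) per entry; skip comments."""
    entries = []
    for raw in text.splitlines():
        fields = raw.split()
        if not fields or fields[0].startswith("#"):
            continue
        enabled = not fields[0].startswith("!")  # "!" disables an entry
        grip = fields[0].lstrip("!").upper()
        if not KEYGRIP.fullmatch(grip):
            raise ValueError(f"not a 40-hex-digit keygrip: {raw!r}")
        ttl = int(fields[1]) if len(fields) > 1 else None
        entries.append((grip, enabled, ttl, fields[2:]))
    return entries

def missing_keys(homedir):
    """Keygrips enabled in sshcontrol that have no <keygrip>.key file."""
    home = Path(homedir)
    keydir = home / "private-keys-v1.d"
    entries = parse_sshcontrol((home / "sshcontrol").read_text())
    return [g for g, enabled, _, _ in entries
            if enabled and not (keydir / f"{g}.key").is_file()]

def demo():
    """Build a throwaway home directory where only GRIP_A has a key file."""
    with tempfile.TemporaryDirectory() as tmp:
        home = Path(tmp)
        (home / "private-keys-v1.d").mkdir()
        (home / "sshcontrol").write_text(SAMPLE)
        (home / "private-keys-v1.d" / f"{GRIP_A}.key").write_bytes(b"")
        return missing_keys(home)

if __name__ == "__main__":
    print(demo())
```

An empty result means every enabled sshcontrol entry has its private key file in place.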





