PuTTY wish key-formats-natively

Home | Licence | FAQ | Docs | Download | Keys | Links
Mirrors | Updates | Feedback | Changes | Wishlist | Team

summary: Ability to use OpenSSH and ssh.com SSH-2 private keys directly (without first converting with PuTTYgen)
class: wish: This is a request for an enhancement.
difficulty: tricky: Needs many tuits.
priority: low: We aren't sure whether to fix this or not.

We are occasionally asked if PuTTY could acquire the ability to use foreign private key formats. The PuTTY suite supports these key formats, in the sense that PuTTYgen can load and save them and convert them into PuTTY's own PPK key format; but a conversion step is required, because PuTTY itself does not include the foreign key import code.

I'm unwilling to do this, because I designed the PPK format rather carefully with some specific design goals in mind, and PuTTY in its current form actually depends on those design goals. The advantages of the PuTTY key format are:

So in order to support non-PPK key formats in PuTTY, we would have to revamp the public-key authentication code considerably, to make it a lot more flexible about when it asked the user for a passphrase. This would also lead to confusing subtle differences in operation depending on the key type in use; supporting OpenSSH's .pub files would also introduce the same failure mode as OpenSSH exhibits when the two files get out of sync; and for all of this coding effort on our part and potential UI-level chaos, we would be providing users with the ability to decrease the security of their private keys without even necessarily being aware of it.

Therefore, our current intention is not to implement this feature, and our recommendation is that people convert foreign private key formats to PPK in order to use them with PuTTY. This is not too difficult now that we have a Unix command-line port of PuTTYgen, which should make it feasible to automate such conversion.

Audit trail for this wish.


If you want to comment on this web site, see the Feedback page.
(last revision of this bug record was at 2006-05-17 11:34:13 +0100)