search

NoMoreFood / putty-cac

Windows Secure Shell Client With Support For Smart Cards, Certificates, & FIDO Keys
474 stars 43 forks source link

SSH CAPI Cert #130

Closed Aetherinox closed 3 months ago

Aetherinox commented 3 months ago

Question about the SSH -> Certificate section. When you select CAPI and you have the public key at the bottom that you can copy in the section authorized keys file value, what is the difference between that public key, and the OpenSSH key you export when initially creating your PIV keys by running the command

ssh-keygen -y -f "mykey.pem" > "id_rsa.pub"

The values are different in both sets.

Is that value required in the .ssh/ folder in order to use CAPI / PuTTY-CAC to connect? Or can either one be used.

NoMoreFood commented 3 months ago

Sorry for the latent response. I don't believe there should be much difference other than the line breaks. The authorized_keys files can contain multiple one-liner versions of "id_rsa.pub" files if you have multiple keys you want to authorize.