PuTTY’s Pageant is a tool used for managing SSH authentication keys on Windows. It can store private keys in memory, allowing you to log in to servers without needing to repeatedly enter the passphrase. How to perform SSH key-based authentication with PuTTY we learned in a previous tutorial, which can be found here.
Here’s how you can use Pageant to remember the passphrase for your SSH keys:
Table of contents
1. Install PuTTY and Pageant
- Download PuTTY from the official PuTTY website.
- The installer typically includes Pageant along with PuTTY (Image 1).
2. Start Pageant
Open Pageant. You’ll see its icon appear in the Windows system tray (a computer monitor with a hat, Image 2).
3. Add Your Private Key to Pageant
Double-click on the Pageant icon. The following window will appear on the screen. Press the Add Key button (Image 3, 1) . Browse your file system and select your private key (e.g., id_rsa.ppk):
If you want to add extra key’s, right-click the Pageant icon in the system tray and select Add Key.
If your key is passphrase-protected, you’ll be prompted to enter the passphrase (Image 4,1). Enter it once; Pageant will remember it for the session.
The key (Image 5, 1) is now included in the Pageant key list. Click on the Close button (Image 5, 2):
4. Use the Key for SSH Connections
- Configure your SSH client (e.g., PuTTY) to use the Pageant-managed key.
- In PuTTY:
- Go to Connection > SSH > Auth.
- Ensure Attempt authentication using Pageant is checked.
- Save the session configuration.
When you connect to a server, Pageant will automatically provide the key without asking for the passphrase again.
5. Automatically Start Pageant with Keys
Since Pageant is running in the taskbar, you can connect to the SSH server without providing the passphrase. But when Pageant stops, it deletes all the saved keys, so the next time you start Pageant, you will have to add the keys again. To avoid having to add the RSA key each time, just attach a parameter that will run with the program every time it is started. The parameter must be added to the Pageant shortcut.
- Create a shortcut for Pageant.
- Add the private key file as a command-line argument to the shortcut:
- Right-click the shortcut and select Properties.
- In the Target field, add the path to your
.ppkfile, e.g.:"C:\Program Files\PuTTY\pageant.exe" "C:\path\to\your\key.ppk"
- Save the shortcut.
Place the shortcut in your Startup folder to load Pageant automatically when you log in:
- Press
Win + R, typeshell:startup, and press Enter. - Drag the Pageant shortcut into the folder.
Tips
- Security: Ensure your private key is stored securely, and avoid adding it to Pageant on shared or insecure systems.
- Key Conversion: If your key is not in PuTTY’s
.ppkformat, convert it using PuTTYgen.
This setup simplifies SSH logins while maintaining the security of your private key.
