Answers: How to manage SSH keys securely in Windows?

Faqa

I currently have an SSH key I use to access both Bitbucket and my home server from my Windows laptop. The most convenient way I found to deal with the use of the private key was to just have pageant boot on startup, and enter my passphrase then. All well and good, but not terribly secure if someone breaks into my laptop. Since I was already using KeePass for my passwords, I tried switching to KeeAgent, but this didn't seem to improve matters, as I was still faced with the choice of either keeping the key ready for use after entering the passphrase once, or giving it a "lifetime" after which it would drop out of the agent and I'd have to re-add it. That's more secure, but it brings me back to why I set up pageant in the first place - manually re-adding the key is annoying and cumbersome. Typing in the password is fine, but adding the key is an irritant.

I've searched, but I can't seem to find a decent "keyring" application in Windows that could manage access to SSH keys and prompt me for a password each time one needs to be used. Is there anything I'm missing here?

Know someone who can answer? Share a link to this question via email, Google+, Twitter, or Facebook.

mac - Prevent scp to .ssh folder, Public Key Authentication security

mac networking security ssh

utahwithak

I really know exactly know how to best ask this best and is taken care of in the backend, but I have recently delved into the world of public key authentication over ssh. This led me to wonder about how easy it would be for someone to do the same remotely to my computer? Is there a way to protect the .ssh folder to prevent scp into it or prevent a key from being added to authorized-keys without root permissions or something.

Is this type of security issue taken care of by the knowledge that they would have to have your password anyway to scp in? Am I dawning a tinfoil hat preemptively?

Thanks

Home

How to manage SSH keys securely in Windows?