ui_puttygen » Revisions »
Differences
This shows you the differences between the selected revisions of the page.
| 2021-05-20 | 2021-06-18 | ||
| style (martin) | 5.19 stable has been released (martin) | ||
| Line 48: | Line 48: | ||
| * For ECDSA, only 256, 384, and 521 bits are supported. (%%ECDSA%% offers equivalent security to %%RSA%% with smaller key sizes.) | * For ECDSA, only 256, 384, and 521 bits are supported. (%%ECDSA%% offers equivalent security to %%RSA%% with smaller key sizes.) | ||
| - | * For EdDSA, the only valid sizes are 255 bits (these keys are also known as Ed25519 and are commonly used) and 448 bits (Ed448, which is much less common at the time of writing – //This feature is available only in PuTTYgen 0.75 included in the latest beta release.//). &beta (256 is also accepted for backward compatibility, but the effect is the same as 255.) | + | * For EdDSA, the only valid sizes are 255 bits (these keys are also known as Ed25519 and are commonly used) and 448 bits (Ed448, which is much less common at the time of writing). (256 is also accepted for backward compatibility, but the effect is the same as 255.) |
| ===== Selecting the Prime Generation Method ===== | ===== Selecting the Prime Generation Method ===== | ||
| - | |||
| - | //This feature is available only in PuTTYgen 0.75 included in the latest beta release.// &beta | ||
| On the //Key// menu, you can also optionally change the method for generating the prime numbers used in the generated key. This is used for RSA and DSA keys only. (The other key types don't require generating prime numbers at all.) | On the //Key// menu, you can also optionally change the method for generating the prime numbers used in the generated key. This is used for RSA and DSA keys only. (The other key types don't require generating prime numbers at all.) | ||
| Line 92: | Line 90: | ||
| The fingerprint value is intended to be cryptographically secure, in the sense that it is computationally infeasible for someone to invent a second key with the same fingerprint, or to find a key with a particular fingerprint. So some utilities, such as the [[ui_pageant#list|Pageant key list box]] and the Unix ''ssh-add'' utility, will list key fingerprints rather than the whole public key. | The fingerprint value is intended to be cryptographically secure, in the sense that it is computationally infeasible for someone to invent a second key with the same fingerprint, or to find a key with a particular fingerprint. So some utilities, such as the [[ui_pageant#list|Pageant key list box]] and the Unix ''ssh-add'' utility, will list key fingerprints rather than the whole public key. | ||
| - | By default, PuTTYgen will display fingerprints in the SHA-256 format. If you need to see the fingerprint in the older MD5 format (which looks like ''aa:bb:cc:...''), you can choose //Show fingerprint as MD5// from the //Key// menu, but bear in mind that this is less cryptographically secure; it may be feasible for an attacker to create a key with the same fingerprint as yours. //SHA-256 is available only in PuTTYgen 0.75 included in the latest beta release.// &beta | + | By default, PuTTYgen will display fingerprints in the SHA-256 format. If you need to see the fingerprint in the older MD5 format (which looks like ''aa:bb:cc:...''), you can choose //Show fingerprint as MD5// from the //Key// menu, but bear in mind that this is less cryptographically secure; it may be feasible for an attacker to create a key with the same fingerprint as yours. |
| ===== [[comment]] Setting a Comment for Your Key ===== | ===== [[comment]] Setting a Comment for Your Key ===== | ||
| Line 149: | Line 147: | ||
| ===== [[save_params]] Parameters for Saving Key Piles ===== | ===== [[save_params]] Parameters for Saving Key Piles ===== | ||
| - | |||
| - | //This feature is available only in PuTTYgen 0.75 included in the latest beta release.// &beta | ||
| Selecting //Parameters for saving key files// from the //Key// menu lets you adjust some aspects of PPK-format private key files stored on disk. None of these options affect compatibility with SSH servers. | Selecting //Parameters for saving key files// from the //Key// menu lets you adjust some aspects of PPK-format private key files stored on disk. None of these options affect compatibility with SSH servers. | ||