## Wednesday, March 3, 2010

### Making Pageant automatically load keys on startup

So I have a few private keys I generated for Public-Key SSH authentication. In Windows I manage SSH keys with Pageant - an SSH authentication agent for PuTTY. PuTTY is an awesome SSH/Telnet client for Windows that also comes with a suite of helper utilities like key generator and agent.

My work week starts like this: I log into my Windows workstation, open Pageant and load my keys one after another. Since the keys are encrypted I have to enter a password for each key. Once the keys are in memory I can securely log into multitude of Linux servers (that have the public key) without enduring their login prompt each time. Pretty nice, but there is still some room for improvement.

I would like Pageant to start on boot/login and automatically load my keys. Pageant can load one or more private keys when it starts up if you provide them on the Pageant command line. The simplest way to do this in Windows XP is to create a specially crafted shortcut inside the Startup folder (Start -> Programs -> Startup):

1. go to Start menu, then "Programs", right click on the Startup folder and choose "Open"
2. right-click inside the folder and select "New", then "Shortcut"
3. browse to your PuTTY installation, for example "C:\Program Files\PuTTY" and select "pageant.exe"
4. name the shortcut whatever you want
5. right-click the newly created shortcut and select "Properties"

You should see something like this:

If all you have is one private key, simply append its full path to your "Target" field like so:

Target: "C:\Program Files\PuTTY\pageant.exe" C:\Path\to\myKeys\MyKey.ppk

Not bad, but with multiple keys the line becomes rather long. It also feels rather silly to specify the same path multiple times when all keys are stored in the same folder like this:

Target: "C:\Program Files\PuTTY\pageant.exe" C:\Documents and Settings\myaccount\My Documents\myKeys\key1.ppk C:\Documents and Settings\myaccount\My Documents\myKeys\key2.ppk C:\Documents and Settings\myaccount\My Documents\myKeys\key3.ppk

This is where the field "Start in" can help. By changing it we can tell Pageant to start in the folder containing our keys and load them by file name:

Target: "C:\Program Files\PuTTY\Pageant.exe" key1.ppk key2.ppk key3.ppk

Start in: "C:\Documents and Settings\myaccount\My Documents\myKeys"

Much better! This single shortcut will start Pageant and load the keys. If the keys are stored encrypted, Pageant will request the passphrases on startup, otherwise they'll be loaded without any prompts. If Pageant is already running, this will simply load the keys.