Pageant can be made to do things automatically when it starts up, by specifying instructions on its command line. If you're starting Pageant from the Windows GUI, you can arrange this by editing the properties of the Windows shortcut that it was started from. If Pageant is already running, invoking it again with the options below causes actions to be performed with the existing instance, not a new one.
9.3.1 Making Pageant automatically load keys on startup Pageant can automatically load one or more private keys when it starts up, if you provide them on the Pageant command line. Your command line might then look like:
C:\PuTTY\pageant.exe d:\main.ppk d:\secondary.ppk
If the keys are stored encrypted, Pageant will request the passphrases on startup.
If Pageant is already running, this syntax loads keys into the existing Pageant.
9.3.2 Making Pageant run another program You can arrange for Pageant to start another program once it has initialised itself and loaded any keys specified on its command line. This program (perhaps a PuTTY, or a WinCVS making use of Plink, or whatever) will then be able to use the keys Pageant has loaded.
You do this by specifying the -c option followed by the command, like this: C:\PuTTY\pageant.exe d:\main.ppk -c C:\PuTTY\putty.exe
9.4 Using agent forwarding Agent forwarding is a mechanism that allows applications on your SSH server machine to talk to the agent on your client machine.
Note that at present, agent forwarding in SSH-2 is only available when your SSH server is OpenSSH. The ssh.com server uses a different agent protocol, which PuTTY does not yet support. To enable agent forwarding, first start Pageant. Then set up a PuTTY SSH session in which ‘Allow agent forwarding’ is enabled (see section 4.21.6
). Open the session as normal. (Alternatively, you can use the -A command line option; see section 3.8.3.10
for details.) If this has worked, your applications on the server should now have access to a Unix domain socket which the SSH server will forward back to PuTTY, and PuTTY will forward on to the agent. To check that this has actually happened, you can try this command on Unix server machines:
unixbox:~$ echo $SSH_AUTH_SOCK
/tmp/ssh-XXNP18Jz/agent.28794
unixbox:~$
If the result line comes up blank, agent forwarding has not been enabled at all.
Now if you run ssh on the server and use it to connect through to another server that accepts one of the keys in Pageant, you should be able to log in without a password:
unixbox:~$ ssh -v otherunixbox
[...]
debug: next auth method to try is publickey
debug: userauth_pubkey_agent: trying agent key my-putty-key
debug: ssh-userauth2 successful: method publickey
[...]