YubiKey + PuTTY (.. I know) = ♥

TL;DR: I use PuTTY on Windows, with my YubiKey. Because I keep forgetting how to set it up, here’s a short writeup on that process.

When I use Windows, I rely on PuTTY for remotely connecting to other computers. I know, I know. It’s, to some degree, counterintuitive. I’m aware that Windows comes bundled with OpenSSH, I know there’s WSL. But I’ve been doing it for years now, and there’s no obvious downside to it (or upside to switching away from it), so I might as well keep doing so.

One thing I always forget is how to get PuTTY to play nicely with my YubiKey, which I use for authenticating through the PGP-key stored on it - so, by using the excuse of “This might be useful for someone else!” to trick my brain into writing things down, here’s how to configure GnuPG on Windows to allow you to use a YubiKey with PuTTY, if you so desire:

Start by installing GPG4Win. All the necessary components should be checked in the installer, but since I accidentally unchecked one, here’s what you need to install, at least:

  • Kleopatra
  • GPGEX (which doesn’t really make sense, but for some reason things don’t work when this isn’t installed)

Next you need to tell the GnuPG-agent to work with PuTTY, by making sure gpg-agent.conf (which is situated under C:\Users\username\AppData\Roaming\gnupg on Windows 11) contains the following:

enable-putty-support
enable-ssh-support
use-standard-socket
default-cache-ttl 600
max-cache-ttl 7200

(To be completely honest, I’m quite sure that the first two lines would suffice, but my configuration on Windows has looked like this for ages, and I’m too lazy to find out if removing the line about the standard socket would have any effect.)

Afterwards all that’s needed is for the GnuPG-agent to be restarted:

gpg-connect-agent killagent /bye
gpg-connect-agent /bye

And that’s it. The horrible sentence YubiKey + PuTTY = ♥ becomes true.
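
The configuration and restart steps above as one PowerShell script that can safely be run more than once. This is an added example, not part of the original writeup. It assumes GnuPG's default home directory (%APPDATA%\gnupg, the path given above) and that Gpg4win's gpg and gpg-connect-agent are on PATH, and it only enforces the two directives the post believes are essential.

```powershell
# Added example (not from the original post): make sure gpg-agent.conf
# contains the PuTTY/SSH directives, restart the agent, check the card.
# Assumptions: default GnuPG home (%APPDATA%\gnupg), Gpg4win tools on PATH.

$confDir  = Join-Path $env:APPDATA 'gnupg'
$confPath = Join-Path $confDir 'gpg-agent.conf'

# The two directives the post considers sufficient.
$required = @('enable-putty-support', 'enable-ssh-support')

if (-not (Test-Path $confDir))  { New-Item -ItemType Directory -Path $confDir | Out-Null }
if (-not (Test-Path $confPath)) { New-Item -ItemType File -Path $confPath | Out-Null }

# Only active lines count: a commented-out directive is still missing.
$active = @(Get-Content $confPath |
    ForEach-Object { $_.Trim() } |
    Where-Object { $_ -and -not $_.StartsWith('#') })

$missing = @($required | Where-Object { $active -notcontains $_ })

if ($missing.Count -gt 0) {
    # If the file does not end with a newline, terminate its last line first
    # so the new directive is not glued onto an existing one.
    $raw = Get-Content $confPath -Raw
    if ($raw -and -not $raw.EndsWith("`n")) {
        Add-Content -Path $confPath -Value '' -Encoding ascii
    }
    # Write ASCII explicitly: the '>' redirect in Windows PowerShell 5.1
    # produces UTF-16, and GnuPG expects a plain-text config file.
    Add-Content -Path $confPath -Value $missing -Encoding ascii
    Write-Host "Added to gpg-agent.conf: $($missing -join ', ')"
} else {
    Write-Host 'gpg-agent.conf already contains the required directives.'
}

# Restart the agent so it rereads the file (same commands as in the post).
gpg-connect-agent killagent /bye
gpg-connect-agent /bye

# Confirm that GnuPG can talk to the YubiKey's OpenPGP applet.
gpg --card-status
if ($LASTEXITCODE -ne 0) {
    Write-Warning 'gpg could not read a card; check that the YubiKey is plugged in.'
}
```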