SyncServer S100

Windows prevents programs from accidentally accessing one another's memory space and it allows programs to access one another's memory space deliberately (e.g., debugging). If a virus, trojan, or other malicious program attaches onto your Windows system while Pageant is running, it could access the memory of the Pageant process, extract your decrypted authentication keys, and send them back to its master.

Before you run Pageant, you need to have a private key. Use Puttygen.exe to do this. When you run Pageant, it will put an icon of a “computer wearing a hat” into the System tray. It will remain there and do nothing until you load a private key into it.

PUTTYGEN.EXE

is a key generator. It generates pairs of public and private keys to be used with PuTTY, PSCP, Plink, as well as the PuTTY authentication agent, Pageant. PuTTYgen generates RSA and DSA keys. Use it as an alternative means of identifying yourself to a login server, instead of typing a password.

In conventional password authentication, you prove you are who you claim to be by knowing the correct password. The only way to prove you know the password is to enter it. If the server has been compromised, an intruder could learn your password.

Public key authentication (Puttygen.exe) solves this problem. You generate a key pair, consisting of a public key—which everybody is allowed to know, and a private key— which you keep secret and not give to anyone. The private key is able to generate signatures. A signature created using your private key cannot be forged by anyone unless they have that key. Anyone who has your public key can verify that a particular signature is genuine.

So you generate a key pair on your own computer, and you copy the public key to the server. Then, when the server asks you to prove who you are, Putty.exe can generate a signature using your private key. The server can verify that signature (since it has your public key) and allow you to log in.

Note: Keep the packing materials for future use. These materials are custom designed to protect the S100 during storage and shipping. Use them if you need to return the unit to Symmetricom (for Customer Assistance see “Appendix D” on page 137).

18

S100 User Guide – Rev. D – June 2005

Page 26
Image 26
Symmetricom S100 manual Puttygen.Exe