u0m3 Posted February 17, 2019 Report Share Posted February 17, 2019 Using OpenSSH natively in Windows is awesome since Windows admins no longer need to use Putty and PPK formatted keys. I started poking around and reading up more on what features were supported, and was pleasantly surprised to see ssh-agent.exe is included. tl;dr: Private keys are protected with DPAPI and stored in the HKCU registry hive. I released some PoC code here to extract and reconstruct the RSA private key from the registry Source: https://blog.ropnop.com/extracting-ssh-private-keys-from-windows-10-ssh-agent/ 1 1 Quote Link to comment Share on other sites More sharing options...