Windows ships with a strong cryptographic subsystem (CNG/KSP), a mature certificate store, and enterprise identity mechanisms such as ADCS, TPM, Windows Hello, and smartcards.
Despite this, Windows still lacks a modern SSH agent capable of using these identities.
Existing solutions fall short in real environments:
OpenSSH for Windows cannot use CNG/KSP keys or enterprise certificates.
Pageant does not work reliably in RDP or multi-session environments.
gpg-agent is not native to Windows and cannot use CNG/KSP or smartcards.
OpenSC PKCS#11 modules do not integrate with the Windows Certificate Store.
WinCryptSSHAgent is incomplete and unstable under load.
For an OS used heavily in enterprise environments, this gap has been present for more than a decade.
This project implements the missing piece.
Overview
SRO PKCS11 – SSH Agent CNG is a single Windows executable that unifies:
a complete PKCS#11 module (Firefox, OpenSC, ssh -I)
an OpenSSH-compatible SSH agent
a Pageant-compatible server for PuTTY
a CNG/KSP backend for smartcards, TPM, Windows Hello, and enterprise certificates
a WSL2 TCP listener
It has no external dependencies, no CRT, no DLLs, and no middleware.
It works in RDP, RemoteApp, Citrix, multi-session, and hardened environments.
Repository:
https://github.com/Sanmilie/PKCS11SSHAgent
The problem: Windows cannot use enterprise identities for SSH
Enterprise certificates cannot be used for SSH. OpenSSH for Windows cannot use:
- non-exportable keys
- ADCS-issued certificates
- TPM-backed keys
- Windows Hello keys
- smartcards using CNG/KSP
This forces administrators to generate private keys on disk. A key file can be copied by anyone who can read it, whereas the enterprise identity it replaces is non-exportable and bound to hardware or to the user's credential provider, so this is a security regression compared to enterprise identity standards.
Pageant is not SSH-native
Pageant requires a hidden window to function, which is why it breaks in RDP and multi-session setups, and only the PuTTY family of tools speaks its protocol.
gpg-agent is not a Windows-native solution
It does not support:
- CNG/KSP
- Windows smartcard minidrivers
- enterprise certificates
- non-exportable keys
- multi-session environments
PKCS#11 modules do not integrate with the Windows Certificate Store
OpenSC cannot access:
- TPM-backed keys
- Windows Hello keys
- ADCS certificates
- Virtual Smartcards
As a result, none of the existing tools can use the identities that Windows already manages securely.
The solution: a unified, native, dependency-free agent
This project provides a single executable that exposes:
a full PKCS#11 module
an SSH agent
a Pageant server
a WSL2 TCP bridge
a CNG/KSP cryptographic backend
All cryptographic operations are delegated to Windows.
Private keys never leave the KSP.
PIN entry is handled by the native Windows UI.
Key properties
- Native CNG/KSP integration
- Works in RDP and multi-session environments
- No dependencies, no CRT, no external DLLs
- Supports smartcards, TPM, Windows Hello, ADCS certificates
- Supports RSA, ECDSA, Ed25519, Ed448, Brainpool
- Supports PKCS#11 with 14 mechanisms
- Supports OpenSSH, Git for Windows, Visual Studio, PuTTY, WSL, WSL2
- Optional Windows service mode for hardened environments
Why this is the best option on Windows today
Full CNG/KSP support
The agent uses:
- NCryptSignHash
- the Windows Certificate Store
- smartcard minidrivers
- TPM and Hello providers
Private keys:
- are never exported
- never transit through the agent
- remain inside the KSP at all times
PIN handling is performed entirely by Windows.
RDP-safe and multi-session safe
The agent:
- works in RDP
- works in RemoteApp
- works in Citrix
- works in multiple sessions
- works in non-interactive sessions
A single binary
- No DLLs.
- No runtime.
- No external libraries.
- No registry pollution.
Complete PKCS#11 implementation
Compatible with:
- Firefox
- pkcs11-tool
- ssh -I
- any PKCS#11-enabled product
Supports RSA, ECDSA, EdDSA, Brainpool, and PSS.
Complete SSH agent
Compatible with:
- OpenSSH
- Git for Windows
- Visual Studio
- VSCode Remote
- WSL
- WSL2 (via TCP 127.0.0.1:10022)
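The WSL2 listener speaks the agent protocol over TCP, but OpenSSH inside WSL2 only reaches an agent through the Unix socket named by SSH_AUTH_SOCK, so something has to relay between the two. The script below is an added example, not part of the project. It assumes the agent is on TCP port 10022, keeps the socket owner-only, and, because under WSL2's default NAT networking the Windows host is not 127.0.0.1 from inside Linux (that only holds with mirrored networking), takes the host address from the nameserver line WSL writes into /etc/resolv.conf. The socket path and that host-discovery rule are assumptions, not project defaults.

```python
"""Bridge an SSH_AUTH_SOCK Unix socket inside WSL2 to the agent's TCP listener.

Added example, not the project's own code. Assumed: the agent listens on TCP
10022, and the Windows host is reachable at the address returned by
host_from_resolv_conf() (127.0.0.1 only under mirrored networking).
"""
import os
import re
import socket
import tempfile
import threading

AGENT_PORT = 10022
SOCK_PATH = os.path.expanduser("~/.ssh/agent-bridge.sock")  # assumed location


def host_from_resolv_conf(text: str) -> str:
    """First nameserver of a WSL-generated resolv.conf (the host's vEthernet
    address under NAT mode); fall back to loopback for mirrored mode."""
    m = re.search(r"^\s*nameserver\s+(\S+)", text, re.MULTILINE)
    return m.group(1) if m else "127.0.0.1"


def pump(src: socket.socket, dst: socket.socket) -> None:
    """Copy bytes src -> dst; on EOF half-close dst so the peer sees EOF too."""
    try:
        while chunk := src.recv(65536):
            dst.sendall(chunk)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


def handle(client: socket.socket, host: str, port: int) -> None:
    try:
        upstream = socket.create_connection((host, port))
    except OSError:
        client.close()  # agent unreachable: fail fast instead of hanging ssh
        return
    back = threading.Thread(target=pump, args=(upstream, client), daemon=True)
    back.start()
    pump(client, upstream)
    back.join()
    client.close()
    upstream.close()


def serve(sock_path, host, port, ready=None, max_conns=None) -> None:
    """Listen on sock_path and relay each connection to the agent. The socket
    is created owner-only (umask 077): whoever can connect to it can sign."""
    try:
        os.unlink(sock_path)
    except FileNotFoundError:
        pass
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    old_umask = os.umask(0o077)
    try:
        srv.bind(sock_path)
    finally:
        os.umask(old_umask)
    srv.listen()
    if ready:
        ready.set()
    served = 0
    while max_conns is None or served < max_conns:  # max_conns: for self-tests
        client, _ = srv.accept()
        served += 1
        threading.Thread(target=handle, args=(client, host, port), daemon=True).start()
    srv.close()


def loopback_check(payload: bytes = b"ping") -> bytes:
    """Run the relay against a local TCP echo server and return what comes back
    through the Unix socket, so the bridge can be verified without the agent."""
    echo = socket.socket()
    echo.bind(("127.0.0.1", 0))
    echo.listen()
    port = echo.getsockname()[1]

    def echo_once():
        conn, _ = echo.accept()
        with conn:
            while data := conn.recv(65536):
                conn.sendall(data)
        echo.close()

    threading.Thread(target=echo_once, daemon=True).start()
    sock_path = os.path.join(tempfile.mkdtemp(), "agent.sock")
    ready = threading.Event()
    threading.Thread(target=serve, args=(sock_path, "127.0.0.1", port, ready, 1),
                     daemon=True).start()
    ready.wait(5)
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as c:
        c.connect(sock_path)
        c.sendall(payload)
        c.shutdown(socket.SHUT_WR)
        out = b""
        while chunk := c.recv(65536):
            out += chunk
    return out


if __name__ == "__main__":
    assert loopback_check() == b"ping"
    print(f"export SSH_AUTH_SOCK={SOCK_PATH}")
    with open("/etc/resolv.conf") as f:
        serve(SOCK_PATH, host_from_resolv_conf(f.read()), AGENT_PORT)
```

Run it once per WSL session, export SSH_AUTH_SOCK as printed, and `ssh-add -l` should list the Windows-held keys. socat does the same job in one line (`socat UNIX-LISTEN:$SOCK,fork,umask=077 TCP:$HOST:10022`); either way, treat the socket like a private key, since any process that can connect to it can sign with every identity the agent exposes.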
Pageant compatibility
PuTTY, plink, pscp, and psftp all work.
Optional Windows service mode
For hardened or multi-user environments:
- the service runs in session 0
- a helper runs in the user session
- the PIN UI appears in the correct session
- strict isolation between the service and crypto operations
Example: using an ADCS certificate for SSH
Install the certificate in the Windows Certificate Store (non-exportable key).
Start the agent.
Export the public key:

```powershell
ssh-agent.exe -exportkey id.pub
```

Add id.pub to authorized_keys on the server.
Connect:

```sh
ssh user@server
```

No private key file.
No token required.
No additional configuration.
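Before the first login it is worth confirming that the key the agent actually offers is the one in the exported id.pub, and that is also the simplest way to see what ssh, Git or VS Code receive from the agent. The following is an added example, not the project's code: it speaks the OpenSSH agent protocol directly over the WSL2 TCP listener (assumed reachable at 127.0.0.1:10022), lists the identities, and compares fingerprints with id.pub in the form `ssh-keygen -lf id.pub` prints them. The sample reply at the bottom is constructed so the parsing can be exercised without a running agent.

```python
"""Confirm that the key the agent serves is the one in the exported id.pub.

Added example, not the project's own code. It speaks the OpenSSH agent
protocol directly: request-identities is message 11, answered by 12; a sign
request is 13. Assumed: the agent is reachable on TCP 127.0.0.1:10022 (the
WSL2 listener) and id.pub is a standard one-line OpenSSH public key.
"""
import base64
import hashlib
import socket
import struct

SSH_AGENTC_REQUEST_IDENTITIES = 11
SSH_AGENT_IDENTITIES_ANSWER = 12
SSH_AGENTC_SIGN_REQUEST = 13
SSH_AGENT_RSA_SHA2_256 = 2  # sign-request flag: rsa-sha2-256 instead of SHA-1 ssh-rsa


def sshstr(b: bytes) -> bytes:
    """Encode an SSH 'string' (uint32 big-endian length prefix)."""
    return struct.pack(">I", len(b)) + b


def read_sshstr(buf: bytes, off: int):
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    if off + n > len(buf):
        raise ValueError("truncated SSH string")
    return buf[off:off + n], off + n


def frame(msg_type: int, payload: bytes = b"") -> bytes:
    """Agent message on the wire: uint32 length, one type byte, payload."""
    body = bytes([msg_type]) + payload
    return struct.pack(">I", len(body)) + body


def parse_identities(reply: bytes):
    """SSH_AGENT_IDENTITIES_ANSWER body -> [(key_blob, comment), ...]."""
    if not reply or reply[0] != SSH_AGENT_IDENTITIES_ANSWER:
        raise ValueError(f"unexpected agent reply type {reply[:1]!r}")
    (count,) = struct.unpack_from(">I", reply, 1)
    off, keys = 5, []
    for _ in range(count):
        blob, off = read_sshstr(reply, off)
        comment, off = read_sshstr(reply, off)
        keys.append((blob, comment.decode("utf-8", "replace")))
    return keys


def key_type(blob: bytes) -> str:
    return read_sshstr(blob, 0)[0].decode()


def fingerprint(blob: bytes) -> str:
    """Same value `ssh-keygen -lf` prints: SHA-256 of the blob, unpadded base64."""
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")


def authorized_keys_line(blob: bytes, comment: str) -> str:
    return f"{key_type(blob)} {base64.b64encode(blob).decode()} {comment}".rstrip()


def blob_from_pubkey_line(line: str) -> bytes:
    return base64.b64decode(line.split()[1])


def agent_serves(pubkey_line: str, identities) -> bool:
    """True if one of the agent's keys has the same fingerprint as id.pub."""
    want = fingerprint(blob_from_pubkey_line(pubkey_line))
    return any(fingerprint(blob) == want for blob, _ in identities)


def sign_request(blob: bytes, data: bytes) -> bytes:
    flags = SSH_AGENT_RSA_SHA2_256 if key_type(blob) == "ssh-rsa" else 0
    return frame(SSH_AGENTC_SIGN_REQUEST, sshstr(blob) + sshstr(data) + struct.pack(">I", flags))


def agent_call(request: bytes, host: str = "127.0.0.1", port: int = 10022) -> bytes:
    """Send one framed request to the agent's TCP listener; return the reply body."""
    def recv_exact(s, n):
        buf = b""
        while len(buf) < n:
            chunk = s.recv(n - len(buf))
            if not chunk:
                raise ConnectionError("agent closed the connection")
            buf += chunk
        return buf
    with socket.create_connection((host, port), timeout=10) as s:
        s.sendall(request)
        (n,) = struct.unpack(">I", recv_exact(s, 4))
        return recv_exact(s, n)


# Constructed sample reply: an agent holding one Ed25519 key (not real key material).
SAMPLE_BLOB = sshstr(b"ssh-ed25519") + sshstr(bytes(range(32)))
SAMPLE_ANSWER = (bytes([SSH_AGENT_IDENTITIES_ANSWER]) + struct.pack(">I", 1)
                 + sshstr(SAMPLE_BLOB) + sshstr(b"CN=alice,OU=ADCS"))

if __name__ == "__main__":
    ids = parse_identities(agent_call(frame(SSH_AGENTC_REQUEST_IDENTITIES)))
    for blob, comment in ids:
        print(fingerprint(blob), authorized_keys_line(blob, comment))
```

If the agent exposes several certificates, ssh offers them one by one and a server's MaxAuthTries (6 by default) can reject the connection before the right one is tried; pin the key with `IdentitiesOnly yes` and `IdentityFile id.pub` in ~/.ssh/config, which works because OpenSSH accepts a public-key file there when the private half lives in the agent.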
Where this agent is most useful
RDP / RemoteApp / Citrix environments
Windows jump hosts
PKI / ADCS administrators
DevOps using Windows + WSL2
Enterprises using smartcards (PIV/GIDS/YubiKey)
Enterprises using TPM or Windows Hello
Hardened workstations
Windows-based CI pipelines