wk at gnupg.org
Tue Apr 20 15:02:56 CEST 2004
On Tue, 20 Apr 2004 13:16:35 +0200, Sylvain Beucler said:
> However, I have been searching for an equivalent to ssh-add, with no
> luck. Is such a tool present in GnuPG?
There is no need for it.
When using gpg with the gpg-agent, the ganet does not do what it
eventually should: Keeping all secret key stuff under the sole
control of the agent. Instead gpg uses the agent simply as a way to
access the pinentry and to cache passphrases.
gpgsm (the S/MIME cousing of gpg) uses gpg-agent the real way.
We have several ways adding secret keys to the gpg-agent: If gpgsm
creates a certification request, it requests gpg-agent to create a
secret key and store it away, gpg-agent then returns the public part
and takes requests for signing and decryption. If you have a pkcs#12
file with a secret key, gpgsm allows to import it (simply use "gpgsm
--import") by forwarding the secret key to the agent. If you use a
smartcard, the secret key is stored there and the agent will only
store way a stub secret key with a reference to the smartcard.
Finally you may add a secret key to the agents secret key store by
copying the file to there.
More information about the Gnupg-devel