Werner Koch wk at
Tue Apr 20 15:02:56 CEST 2004

On Tue, 20 Apr 2004 13:16:35 +0200, Sylvain Beucler said:

> However, I have been searching for an equivalent to ssh-add, with no  
> luck. Is such a tool present in GnuPG?

There is no need for it.

When using gpg with the gpg-agent, the ganet does not do what it
eventually should:  Keeping all secret key stuff under the sole
control of the agent.  Instead gpg uses the agent simply as a way to
access the pinentry and to cache passphrases.

gpgsm (the S/MIME cousing of gpg) uses gpg-agent the real way.  

We have several ways adding secret keys to the gpg-agent: If gpgsm
creates a certification request, it requests gpg-agent to create a
secret key and store it away, gpg-agent then returns the public part
and takes requests for signing and decryption.  If you have a pkcs#12
file with a secret key, gpgsm allows to import it (simply use "gpgsm
--import") by forwarding the secret key to the agent.  If you use a
smartcard, the secret key is stored there and the agent will only
store way a stub secret key with a reference to the smartcard.
Finally you may add a secret key to the agents secret key store by
copying the file to there.



More information about the Gnupg-devel mailing list