OpenPGP smartcard - authentication key

Werner Koch wk at
Mon May 2 16:12:33 CEST 2005

On Mon, 02 May 2005 11:37:17 +0200, Wolfgang Rosenauer said:

> As far as I understood it should be possible to save a SSH RSA key to
> the OpenPGP smartcard as authentication key.
> If this is true, how can this be done?

If that is an 1024 bit RSA key, this is indeed possible.  The HOWTO
will tell you:

In short: Use gpg --edit-key and then the command keytocard.  The
problem might be to convert an SSH key to a GnuPG key. There is no
instant solution for 1.4 - with 1.9 and the gpg-agent SSH support is
included and a mere ssh-add will be suffcient; but well the key is
then stored in gpg-agent's own format.

In general I do not suggest to do this at all.  Better generate a new
key on-card and use this as your new ssh key. It is pretty simple to
change your ssh key and this allows you to slowly retire your old ssh



More information about the Gnupg-users mailing list