OpenPGP smartcard - authentication key
Werner Koch
wk at gnupg.org
Mon May 2 16:12:33 CEST 2005
On Mon, 02 May 2005 11:37:17 +0200, Wolfgang Rosenauer said:
> As far as I understood it should be possible to save a SSH RSA key to
> the OpenPGP smartcard as authentication key.
> If this is true, how can this be done?
If that is an 1024 bit RSA key, this is indeed possible. The HOWTO
will tell you:
http://www.gnupg.org/documentation/howtos.html#GnuPG-cardHOWTO
In short: Use gpg --edit-key and then the command keytocard. The
problem might be to convert an SSH key to a GnuPG key. There is no
instant solution for 1.4 - with 1.9 and the gpg-agent SSH support is
included and a mere ssh-add will be suffcient; but well the key is
then stored in gpg-agent's own format.
In general I do not suggest to do this at all. Better generate a new
key on-card and use this as your new ssh key. It is pretty simple to
change your ssh key and this allows you to slowly retire your old ssh
key.
Shalom-Salam,
Werner
More information about the Gnupg-users
mailing list