OpenPGP card and gpg-agent --enable-ssh-support

Werner Koch wk at gnupg.org
Sat Sep 3 09:03:34 CEST 2005


On Sat, 03 Sep 2005 01:48:30 +0200, Andreas Liebschner said:

> But it still asks me the actual password for the user, not the pin or
> the passphrase of my gpg key. So I thought I should have added some

What does 

  ssh-add -l

give?  You should see the fingerprint of the card's key as well as
the card's number.  Note that there isno actual need for gpgkey2ssh; I
simply do

  ssh-add -L

which gives me the public key directly from the card.

To better debug what's going on, the first thing you should do is to
run

  ssh -v host

this will show you what keys are offered to the server and whether
they worked.

> Also, I noticed gpgkey2ssh will always produce a ssh-rsa key, even if I
> pass it the CS or the E key, is this normal?

Yes.


Salam-Shalom,

   Werner




More information about the Gnupg-users mailing list