GnuPG & OpenSSH

John Clizbe JPClizbe at tx.rr.com
Wed Aug 22 05:46:15 CEST 2007 

Alex Mauer wrote:
> Werner Koch wrote:
>> On Mon, 20 Aug 2007 14:10, sriharivijayaraghavan at yahoo.com.au said:
>> 
>> Yes.  However you want separate keys for separate tasks.  Fortunately
>> OpenPGP provides just that: There is a primary key for certifying other
>> keys (and subkeys) and subkeys for encryption, signing and
>> authentication.  The authentication key may be used for SSH.
> 
> How can one generate this authentication key, other than via the OpenPGP
> smart card?

jpclizbe at booboo ~
$ gpg --expert --gen-key
Please select what kind of key you want:
   (1) DSA and Elgamal (default)
   (2) DSA (sign only)
   (3) DSA (set your own capabilities)
   (5) RSA (sign only)
   (7) RSA (set your own capabilities)
Your selection? 7

Possible actions for a RSA key: Sign Certify Encrypt Authenticate
Current allowed actions: Sign Certify Encrypt

   (S) Toggle the sign capability
   (E) Toggle the encrypt capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? A

Possible actions for a RSA key: Sign Certify Encrypt Authenticate
Current allowed actions: Sign Certify Encrypt Authenticate

   (S) Toggle the sign capability
   (E) Toggle the encrypt capability
   (A) Toggle the authenticate capability
   (Q) Finished

Your selection? Q
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)

Follow the rest of the prompts.

You could also add an Authenticate subkey.

-- 
John P. Clizbe                      Inet:   John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A
"what's the key to success?"        / "two words: good decisions."
"what's the key to good decisions?" /  "one word: experience."
"how do i get experience?"          / "two words: bad decisions."

"Just how do the residents of Haiku, Hawai'i hold conversations?"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 663 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20070821/c124e7bf/attachment.pgp

More information about the Gnupg-users mailing list