Authenticate capability of DSA or RSA signing keys

David Shaw dshaw at
Mon Feb 11 05:46:47 CET 2008

On Sun, Feb 10, 2008 at 10:34:51PM -0600, Kevin Hilton wrote:
> >Sign = sign some data
> >Certify = sign a key
> >Authenticate = prove you are you
> >Authenticate is used for things like using an OpenPGP key for ssh.
> I forgot about the certifying of keys, sorry about that.
> I knew openssh utilized rsa or dsa keys, but didn't know that the same
> gpg keys could be used for this purpose.  That's very interesting.  I
> suppose however the reverse is not true.  I suppose I could not take
> my rsa openssh keypair, and somehow make them work with gpg?

Math is math.  You could make an OpenSSH key into an OpenPGP key (or
vice versa) if you wanted.  It's just a file format change and some
related glue.  Doing this doesn't really give you anything useful
though.  The OpenPGP authentication key allows you to authenticate to
things like ssh - it doesn't make the key into an ssh key, just allows
it to act as if it was one.


More information about the Gnupg-users mailing list