gpg-agent, authentication key, and ssh
Matthew Monaco
matt at 0x01b.net
Tue Jul 23 06:34:32 CEST 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi,
(Sorry if this has been asked/explained but my searches return mostly
directions on using ssh-add with gpg-agent.)
As I understand it, I can create an authentication subkey and use some utility
to convert that to an ssh key. If this conversion is possible, then why can't
the gpg-agent consider private auth (sub)keys along with ssh keys loaded via
the SSH_AUTH_SOCK protocol?
===
Also, out of curiosity... Would it be possible to multiplex the GPG_AGENT_INFO
protocol with SSH_AUTH_SOCK? Damien Miller of OpenSSH has talked about unix
socket forwarding [0], but nothing has come of it. I think it'd be a big win
for usability and security if we could easily sign/encrypt on a remote host.
(/Easily/, so no socat).
Best,
Matt
[0] http://marc.info/?l=openssh-unix-dev&m=135207982210122
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (GNU/Linux)
iJwEAQEKAAYFAlHuB9gACgkQCQQZ328kNeqmHQQAqds7hzzsEczCZ1wd+wDVI45N
L/UTpD/sxqaIqGBb7w2nLbvjielMpXRT4AuUHqfMwfD2Y/NwAxXGkWlUz8G0kSwZ
hf+tN0MlpWuudOwb6rC/FC5JPd0PKaTWwJLnf6T5YAWG8ZgaILSzUo4v79+CaBMo
ncJTjr1kySfCjlRu7ZE=
=0vbj
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list