Convert GPG key to ssh key
kardan38 at gmail.com
Mon Dec 8 19:21:20 CET 2014
Hi Daniel and Werner,
Thanks for the quick repsonse and more inline...
> Is they key you're looking to convert an RSA key or a DSA key?
> The above suggests that it is not. (see the list of publickey algorithms
> for OpenPGP ).
I am trying to convert RSA key and I am just avoiding use an external tool
such as monkeysphere while converting keys.
> Are you trying to convert a specific subkey? are you identifying the
> subkey explicitly?
I will use subkey for ssh authentication and while using *`gpgkey2ssh
$key_id` *command I am giving subkey id explicitly. What I could not
understand is why the above command works inconsistently. It works on one
of my setups but does not on another.
No need to convert a key if you are using gnupg 2.1. Run
> gpg -K --with-keygrip USERID
> and pick the keygrip from the output. For example:
> sec# rsa2048/E455F2D7CC9C6BBC 2009-11-05
> Keygrip = B0C352EC5B3336681535ED3CC2FA62807B64B2CF
> uid [ unknown] Enoch Root (test) <enoch at example.org>
> ssb rsa2048/591B5112D5A9C5A6 2009-11-05
> Keygrip = 84722EE009690AA87BAF80A62EB0186CFCF72E64
> ssb# rsa2048/D367147F5CB0CDF0 2009-11-05
> Keygrip = 79DA43AD276B52EABFF0661153276A8E5A5F8DB9
> To use the second subkey with ssh, you then do:
> echo >>~/.gnupg/sshcontrol 79DA43AD276B52EABFF0661153276A8E5A5F8DB9 0
> (note the "0" after the keygrip)
Yeah I know that feature in 2.1.0 version, but why I am insisting on using
*`gpgkey2ssh` *command is I am going to automate this process and
-L` *strictly requires an running agent and it does not extract public part
of key pair compatible with authorized_key file unless agent is running.
(as mentioned in this tutorial
discussions in mailing list
to Werner Koch- using sshcontrol file during ssh authentication requires
using ssh-add command)
What I am really looking for is there a workaround to use
without getting the error given in first mail?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users