gpgkey2ssh and Ed25519 key

NIIBE Yutaka gniibe at fsij.org
Tue Dec 22 01:06:18 CET 2015


On 12/21/2015 09:28 AM, perillamint wrote:
> I'm having trouble setting up ssh auth using Ed25519 key.

When you configure your gpg-agent properly (for your key), you can use
the SSH tool of ssh-add with option -L to show your public key in SSH
format.

Thank you for using new feature.  I know that gpgkey2ssh is still
useful in some cases, but I think that you don't need it because we
can use 'ssh-add -L'.

Here is an example session to configure GnuPG for Ed25519 key.  In
this example, I'm adding an authentication subkey for me.  Here we go.


I invoke gpg 2.1.x with --edit-key option specifying my name.
An option of --expert is required for Ed25519 key, since it's
not yet in the OpenPGP standard.

    $ gpg2 --expert --edit-key gniibe
    gpg (GnuPG) 2.1.10; Copyright (C) 2015 Free Software Foundation, Inc.
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.

    Secret key is available.

    sec  rsa2048/4CA7BABE
         created: 2010-10-15  expires: never       usage: SC
         card-no: F517 00000001
         trust: ultimate      validity: ultimate
    ssb  rsa2048/084239CF
         created: 2010-10-15  expires: never       usage: E
         card-no: F517 00000001
    ssb  rsa2048/5BB065DC
         created: 2010-10-22  expires: never       usage: A
         card-no: F517 00000001
    [ultimate] (1). NIIBE Yutaka <gniibe at fsij.org>
    [ultimate] (2)  NIIBE Yutaka <gniibe at debian.org>

These are my keys (on smartcard, in this case).  I'm adding a subkey
of Ed25519 by the subcommand of "addkey".

    gpg> addkey
    Secret parts of primary key are stored on-card.
    Please select what kind of key you want:
       (3) DSA (sign only)
       (4) RSA (sign only)
       (5) Elgamal (encrypt only)
       (6) RSA (encrypt only)
       (7) DSA (set your own capabilities)
       (8) RSA (set your own capabilities)
      (10) ECC (sign only)
      (11) ECC (set your own capabilities)
      (12) ECC (encrypt only)
      (13) Existing key
    Your selection? 11

I select "(11) ECC (set your own capabilities)" for authentication
key.  Then, put the capability of "Authenticate"...

    Possible actions for a ECDSA key: Sign Authenticate
    Current allowed actions: Sign

       (S) Toggle the sign capability
       (A) Toggle the authenticate capability
       (Q) Finished

    Your selection? s

Removed "Sign" capability, by typing "s" and RETURN.

    Possible actions for a ECDSA key: Sign Authenticate
    Current allowed actions:

       (S) Toggle the sign capability
       (A) Toggle the authenticate capability
       (Q) Finished

    Your selection? a

Added "Authenticate" capability, by typing "a" and RETURN.

    Possible actions for a ECDSA key: Sign Authenticate
    Current allowed actions: Authenticate

       (S) Toggle the sign capability
       (A) Toggle the authenticate capability
       (Q) Finished

    Your selection? q

Done (by typing "q" and RETURN).  Then, selection of the Curve...

    Please select which elliptic curve you want:
       (1) Curve 25519
       (2) NIST P-256
       (3) NIST P-384
       (4) NIST P-521
       (5) Brainpool P-256
       (6) Brainpool P-384
       (7) Brainpool P-512
    Your selection? 1

I selected "(1) Curve 25519" by typing "1" and RETURN.  The name would
be confusing, but this is the curve for Ed25519.

    gpg: WARNING: Curve25519 is not yet part of the OpenPGP standard.
    Use this curve anyway? (y/N) y

Yup, we know.  Confirmed by typing "y" and RETURN.

    Please specify how long the key should be valid.
             0 = key does not expire
          <n>  = key expires in n days
          <n>w = key expires in n weeks
          <n>m = key expires in n months
          <n>y = key expires in n years
    Key is valid for? (0)
    Key does not expire at all
    Is this correct? (y/N) y
    Really create? (y/N) y

Answered "y", more times.  Then, I was asked for passphrase (two
times, not shown).  I inputted it by pinentry.

    We need to generate a lot of random bytes. It is a good idea to perform
    some other action (type on the keyboard, move the mouse, utilize the
    disks) during the prime generation; this gives the random number
    generator a better chance to gain enough entropy.


    sec  rsa2048/4CA7BABE
         created: 2010-10-15  expires: never       usage: SC
         card-no: F517 00000001
         trust: ultimate      validity: ultimate
    ssb  rsa2048/084239CF
         created: 2010-10-15  expires: never       usage: E
         card-no: F517 00000001
    ssb  rsa2048/5BB065DC
         created: 2010-10-22  expires: never       usage: A
         card-no: F517 00000001
    ssb  ed25519/9E350F4D
         created: 2015-12-21  expires: never       usage: A
    [ultimate] (1). NIIBE Yutaka <gniibe at fsij.org>
    [ultimate] (2)  NIIBE Yutaka <gniibe at debian.org>

OK, I have the subkey of ed25519/9E350F4D.  Good.

    gpg> save

Saved.  We need the keygrip of this subkey to configure gpg-agent for
the SSH key.  I invoke the gpg to see the keygrip:

    $ gpg2 --with-keygrip --list-keys gniibe
    pub   rsa2048/4CA7BABE 2010-10-15
          Keygrip = 101DE7B639FE29F4636BDEECF442A9273AFA6565
    uid         [ultimate] NIIBE Yutaka <gniibe at fsij.org>
    uid         [ultimate] NIIBE Yutaka <gniibe at debian.org>
    sub   rsa2048/084239CF 2010-10-15
          Keygrip = 65F67E742101C7FE6D5B33FCEFCF4F65EAF0688C
    sub   rsa2048/5BB065DC 2010-10-22
          Keygrip = 5D6C89682D07CCFC034AF508420BF2276D8018ED
    sub   ed25519/9E350F4D 2015-12-21
          Keygrip = 308EB1096486CF3694380875EDC4C2C9973CB000

OK, the keygrip for ed25519/9E350F4D (my Ed25519 key) is:

	308EB1096486CF3694380875EDC4C2C9973CB000

I put it in ~/.gnupg/sshcontrol.  If done by command-line, it would be:

    $ echo 308EB1096486CF3694380875EDC4C2C9973CB000 >> ~/.gnupg/sshcontrol

Well, I did edit the file by Emacs, though.  Then, invoke
gpg-connect-agent to reload the file (of sshcontrol).

    $ gpg-connect-agent RELOADAGENT /bye
    OK

Let's see if gpg-agent knows the new key.  I invoke ssh-add -L:

    $ ssh-add -L
    ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQC/XqCK831odBl7Po174AExdRlOcyNSCKfJR18Mrxi8LnKwyjDgGH7Z29Qm4XyZvnLkJvSLcYiSx46iDMWbIYH7w1Or57kp/sUzdlj6clmlV8zklVthppYWpFd+x6Qif9CndRKcPr9S1+tbAIlU5k42RG90XnhEQF1/V3MR01mG0Ey9xBAIoHizZKX5XAjPheVGdDyZERB7Zry3e8kDrU+OjsVTjzq7oXtCE7EwI5c+pBQdF8qfXZC35nAizu0oqQEBne5MsF9ZIBaY/D+hhXVV51oyyCEwNGTr8Ol6KXKK7MWhf16gd0zjulwvO9xH88Q0n1eYur3plH+BZVjXOQPr
cardno:F51700000001
    ssh-ed25519
AAAAC3NzaC1lZDI1NTE5AAAAIL3u/YlGa9VfB/QdWCv8hOTonLpEoKoci2pCm/uI/XT7 (none)

OK, it is registered now (along with my old RSA key).  We can see that
it's shorter than the one of RSA.

I'm putting this new key to my remote host where I already have my RSA
public key.

    $ ssh-copy-id MY-REMOTE-HOST
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new
key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if
you are prompted now it is to install the new keys

    Number of key(s) added: 1

    Now try logging into the machine, with:   "ssh '******.****.***'"
    and check to make sure that only the key(s) you wanted were added.

OK, done.  My public key of ed25519/9E350F4D is registered onto the
~/.ssh/authorized_key of the remote machine.  I'm login-ing into the
machine to confirm my new key really works (removing my token which
has RSA keys)...

    gniibe at OrangePI:~$

Yes, I'm using Orange Pi PC these days.
-- 



More information about the Gnupg-users mailing list