possible sshcontrol flag for ssh key comment?

Donavan-Ross Costaras d.costaras at gmail.com
Mon Mar 16 14:36:22 CET 2015


Hi,

I'm pretty new to pgp and gpg so please bear with me.

I'm using gnupg 2.1.2 and trying to use an authentication sub key for ssh
logins. I'm also attempting to not go via converting the gpg key into an
ssh key. I.e. I use the new --key-grip option and load the key-grip
straight into .gnupg/sshcontrol

All's groovy until I tried to use it for gitolite. Gitolite uses the
presented ssh key as authentication against its collection of ssh pub
keys. So in order to authenticate with the correct user you need to present
the correct key.

To present the correct key I use .ssh/config to define the identityFile (ssh
key) used for that user.

The problem is I can't add an ssh comment if I don't put the key through
something like monkeysphere or gpgkey2ssh. With the comment being the
virtual ssh key location .ssh/config works as normal for defining hosts and
associated keys.

So, in my limited understanding, would it not be useful to be able to set
the ssh key comment in the .gnupg/sshcontrol file as a flag? So that if I
add the keygrip to sshcontrol and do ssh-add -L I would be presented with:

ssh-rsa ***key*** comment-as-flag

as opposed to:

ssh-rsa ***key*** (none)

Or am I being silly and should just go via transforming it into an actual
ssh key and importing that via ssh-add? Does that not create two keys from
one though?

I think I'm subscribed to the list but in case I'm not please cc me.

Thanks,
Donavan