Help with GPG agent forwarding
ben at skyportsystems.com
Fri May 22 19:18:40 CEST 2015
I’m trying to set things up so that I can sign files on a remote Linux machine using keys on my Mac. It looks like the new agent forwarding should fit the bill, and it feels like I’m really close, but missing something critical.
* OSX Yosemite
  * OpenSSH 6.8p1, installed using Homebrew
  * gpg and gpg-agent v2.1.4
* Ubuntu 14.04
  * OpenSSH 6.7p1, installed from source
  * gpg and gpg-agent v2.1.3, installed from source
Locally, I start gpg-agent like this:
eval $(gpg-agent --daemon --extra-socket=S.gpg-extra-agent)
To connect, I use this command line:
ssh <remote host> -R <remote home>/.gnupg/S.gpg-agent:~/.gnupg/S.gpg-extra-agent
It seems that the UNIX socket tunnel is set up: I see the “S.gpg-agent” socket file appear on the remote machine and neither the SSH client nor server complains.
But… I don’t see the key info going through.
$ gpg -k
pub dsa2048/00D026C4 2010-08-19 [expires: 2015-08-18]
uid [ultimate] GPGTools Team <team at gpgtools.org>
uid [ultimate] GPGMail Project Team (Official OpenPGP Key) <gpgmail-devel at lists.gpgmail.org>
uid [ultimate] GPGTools Project Team (Official OpenPGP Key) <gpgtools-org at lists.gpgtools.org>
uid [ultimate] [jpeg image of size 5871]
sub elg2048/DBCBE671 2010-08-19 [expires: 2015-08-18]
< snip my keys >
$ gpg2 -k
$ gpg2 --output myfile.sig --sign myfile.txt
gpg: no default secret key: No secret key
gpg: signing failed: No secret key
I’m a little confused as to where gpg-agent needs to be running, and what config options both for the agent and client need to be set. Please give me ideas as to what may be missing and how I can debug this further.
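One way to check, on the remote side, whether the forwarded S.gpg-agent socket actually reaches an agent and which secret keys that agent reports (an added example, not part of the original post). It speaks the agent's Assuan protocol directly using the real commands GETINFO version and KEYINFO --list; the names assuan_query, probe and fake_agent are hypothetical, and fake_agent is a constructed stand-in so the example runs offline.

```python
import os, socket, stat, threading

def assuan_query(sock_path, command, timeout=5.0):
    """Send one Assuan command; return (status_lines, data_lines, final_line)."""
    if not stat.S_ISSOCK(os.stat(sock_path).st_mode):
        raise ValueError(f"{sock_path} is not a UNIX socket")
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        s.connect(sock_path)  # fails here if nothing listens behind the socket file
        with s.makefile("rwb") as f:
            if not f.readline().startswith(b"OK"):  # the agent greets first
                raise RuntimeError("no Assuan greeting on this socket")
            f.write(command.encode() + b"\n")
            f.flush()
            status, data = [], []
            while True:
                raw = f.readline()
                line = raw.decode().rstrip("\n")
                if line.startswith("S "):
                    status.append(line[2:])
                elif line.startswith("D "):
                    data.append(line[2:])  # percent-escaped in general
                elif not raw or line.startswith(("OK", "ERR")):
                    return status, data, line  # "" means the peer hung up

def probe(sock_path):
    """Ask the agent for its version and the keygrips of the secret keys it holds."""
    _, data, final = assuan_query(sock_path, "GETINFO version")
    version = data[0] if final.startswith("OK") and data else None
    status, _, final = assuan_query(sock_path, "KEYINFO --list")
    grips = [s.split()[1] for s in status if s.startswith("KEYINFO ")]
    return {"version": version, "keygrips": grips, "keyinfo_result": final}

def fake_agent(sock_path, keygrips):
    """Constructed stand-in for gpg-agent (hypothetical helper, for offline runs)."""
    replies = {"GETINFO version": ["D 2.1.4"],
               "KEYINFO --list": [f"S KEYINFO {g} D - - - P - - -" for g in keygrips]}
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    srv.bind(sock_path)
    srv.listen(1)
    def serve():
        while True:
            conn, _ = srv.accept()
            with conn, conn.makefile("rwb") as f:
                f.write(b"OK Pleased to meet you\n")
                f.flush()
                cmd = f.readline().decode().strip()
                f.write("\n".join(replies.get(cmd, []) + ["OK"]).encode() + b"\n")
    threading.Thread(target=serve, daemon=True).start()
```

On the remote machine, call probe() with the path of the forwarded socket instead of starting fake_agent. An empty keygrip list means the agent at the other end reports no secret keys; `gpg2 -k` is a separate matter, since it reads the public keyring on the machine where it runs.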