using an expired GPG key with ssh

Marko Bauhardt marko.bauhardt at mailbox.org
Tue Feb 16 09:42:10 CET 2016


>> 
>> But the question i have is, will `ssh-add` or `monkeysphere subkey-to-ssh-agent` will fail when my GPG subkey is expired?
> 
> Quote (using nroff):
> The  monkeysphere  commands work from a set of user IDs to deter‐
> mine acceptable keys for ssh  and  TLS  authentication.   OpenPGP
> keys are considered acceptable if the following criteria are met:
> The key must have the ‘authentication’ (‘a’) usage flag set.  The
> key  itself  must  be valid, i.e. it must be well‐formed, not ex‐
> pired, and not revoked.  The relevant user ID must be signed by a
> trusted identity certifier.

Thanks. This is what i searched for. I should read the manual more precisely ;)

> 
> 
> According to the gnupg.info manual it is possible to use the gpg.agent
> "as a drop-in replacement" for the ssh-agent (and I'd prefer doing
> that)

I know that. But i saw not really an advantage to using the gpg agent, except of the using of TTL’s for keys i want to add.
What are your points to use the gpg-agent instead the ssh-agent?



Thanks for your comments
Marko


--

Marko Bauhardt
marko.bauhardt at mailbox.org

Bitte schützen Sie meine und Ihre Privatsphäre, nutzen Sie PGP
Please protect my and your privacy, use PGP

Key ID: 53192101
Fingerprint: DC0F E851 82A3 72E3 7FE1  ACDB 970C FD47 5319 2101




-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: </pipermail/attachments/20160216/34cdbe79/attachment.sig>


More information about the Gnupg-users mailing list