Yubikey, GnuPG 2.1 Modern, and SSH on OS X
Simon Josefsson
simon at josefsson.org
Fri Jan 15 10:29:13 CET 2016
Glenn Rempe <glenn at rempe.us> writes:
> I recently setup my own Mac w/ gnupg 2.1.10, and I am using a Yubikey to
> manage my gpg private keys and I am using that key for SSH auth. I have it
> all up and running but I ran into some issues as well so I wrote up a blog
> post. I'd appreciate any suggestions for improvement and especially for
> any ideas for a better fix for the workaround I had to do that I documented
> at the end of the post. Maybe this will be of some use to those wanting to
> use the latest gpg for SSH auth on a Mac with a Yubikey.
>
> https://www.rempe.us/blog/yubikey-gnupg-2-1-and-ssh/
Have you tried killing/restarting scdaemon only, not gpg-agent?
Try:
gpgconf --reload scdaemon
or
gpg-connect-agent "SCD KILLSCD" "SCD BYE" /bye
Why do you add the keygrip to the sshcontrol file? I have never needed
that step. For me it uses the right key directly. Is it because you
have another (revoked) A subkey? It sounds somewhat of sub-optimal
behaviour for gpg-agent's SSH support to use a revoked key instead of
the non-revoked key.
/Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 472 bytes
Desc: not available
URL: </pipermail/attachments/20160115/b3ae5e91/attachment.sig>
More information about the Gnupg-users
mailing list