Yubikey, GnuPG 2.1 Modern, and SSH on OS X
simon at josefsson.org
Fri Jan 15 21:30:36 CET 2016
> > Why do you add the keygrip to the sshcontrol file? I have never
> > needed that step. For me it uses the right key directly. Is it
> > because you have another (revoked) A subkey? It sounds somewhat of
> > sub-optimal behaviour for gpg-agent's SSH support to use a revoked
> > key instead of the non-revoked key.
> I do have a revoked Authentication sub-key on my primary key, but I
> no longer use it and that is also not why I added the keygrip entry to
> sshcontrol file. I added it at the suggestion of Werner in this post:
> And these blog posts:
> Is this suggestion outdated?
I don't recall ever using it, and I've been using SSH with smartcards
through gpg-agent for over 10 years. What happens if you drop that
part? For me it has always selected the right subkey automatically.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 473 bytes
Desc: OpenPGP digital signatur
More information about the Gnupg-users