Yubikey, GnuPG 2.1 Modern, and SSH on OS X
glenn at rempe.us
Sat Jan 16 00:47:07 CET 2016
Thanks Peter, I was not aware of that (and it certainly explains the double
entry in ssh-add -l.
btw, Werner was not writing that response to me. It was just pointed out to
me, so yes it was
probably not smart card specific I would guess. I'll update the blog post
to reflect that we
probably do not need to modify sshcontrol for use with Yubikey.
Back to the main issue I am having. I followed the instructions to output a
verbose scdaemon log
which I was exercising this issue. Here is a gist with the commands I was
running and the resulting
Perhaps NIIBE Yutaka or someone else more knowledgable than I can take a
get us closer to resolution. :-)
Thanks for everyone who is helping.
On Fri, Jan 15, 2016 at 3:08 PM Peter Lebbing <peter at digitalbrains.com>
> On 15/01/16 21:17, Glenn Rempe wrote:
> > I added it at the suggestion of Werner in this post:
> > https://lists.gnupg.org/pipermail/gnupg-users/2012-July/045059.html
> > And these blog posts:
> > http://incenp.org/notes/2015/gnupg-for-ssh-authentication.html
> > http://budts.be/weblog/2012/08/ssh-authentication-with-your-pgp-key
> > Is this suggestion outdated?
> No, but I'm fairly sure Werner did not realise you were using a smartcard
> he wrote that. Obviously, I can't look into the man's mind, but that's my
> For regular, on-disk keys, it is necessary to add the keygrip to
> sshcontrol. For
> smartcards, it's automatically added when the smartcard is inserted. I
> guess it
> fits with automatically added secret key stubs when the smartcard is
> (to use a smartcard on a fresh PC, import your own public key, insert your
> smartcard, and you're done).
> I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
> You can send me encrypted mail if you want some privacy.
> My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users