Is --export-ssh-key functionality possible with GnuPG 2.0?

Peter Lebbing peter at digitalbrains.com
Thu Nov 24 18:36:59 CET 2016


On 2016-11-24 16:59, Teemu Likonen wrote:
> I believe that file ~/.gnupg/sshcontrol should contain
> key's keygrip but how do I get the keygrip when there's no
> --with-keygrip option in 2.0?

I think the following:

$ gpg-connect-agent
> help keyinfo
# KEYINFO [--[ssh-]list] [--data] [--ssh-fpr] [--with-ssh] <keygrip>
#
# Return information about the key specified by the KEYGRIP.  If the
# key is not available GPG_ERR_NOT_FOUND is returned.  If the option
# --list is given the keygrip is ignored and information about all
# available keys are returned.  If --ssh-list is given information
# about all keys listed in the sshcontrol are returned.  With --with-ssh
# information from sshcontrol is always added to the info. Unless --data
# is given, the information is returned as a status line using the 
format:
#
#   KEYINFO <keygrip> <type> <serialno> <idstr> - - <fpr> <ttl> <flags>
#
# KEYGRIP is the keygrip.
#
# TYPE describes the type of the key:
#     'D' - Regular key stored on disk,
#     'T' - Key is stored on a smartcard (token),
#     'X' - Unknown type,
#     '-' - Key is missing.
#
# SERIALNO is an ASCII string with the serial number of the
#          smartcard.  If the serial number is not known a single
#          dash '-' is used instead.
#
# IDSTR is the IDSTR used to distinguish keys on a smartcard.  If it
#       is not known a dash is used instead.
#
# FPR returns the formatted ssh-style fingerprint of the key.  It is 
only
#     printed if the option --ssh-fpr has been used.  It defaults to 
'-'.
#
# TTL is the TTL in seconds for that key or '-' if n/a.
#
# FLAGS is a word consisting of one-letter flags:
#       'D' - The key has been disabled,
#       'S' - The key is listed in sshcontrol (requires --with-ssh),
#       'c' - Use of the key needs to be confirmed,
#       '-' - No flags given.
#
# More information may be added in the future.
OK
> keyinfo --list
[...]

I just can't think of how to pick out the right key now... What little 
detail is eluding me?

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list