Is --export-ssh-key functionality possible with GnuPG 2.0?

Peter Lebbing peter at
Thu Nov 24 18:36:59 CET 2016

On 2016-11-24 16:59, Teemu Likonen wrote:
> I believe that file ~/.gnupg/sshcontrol should contain
> key's keygrip but how do I get the keygrip when there's no
> --with-keygrip option in 2.0?

I think the following:

$ gpg-connect-agent
> help keyinfo
# KEYINFO [--[ssh-]list] [--data] [--ssh-fpr] [--with-ssh] <keygrip>
# Return information about the key specified by the KEYGRIP.  If the
# key is not available GPG_ERR_NOT_FOUND is returned.  If the option
# --list is given the keygrip is ignored and information about all
# available keys are returned.  If --ssh-list is given information
# about all keys listed in the sshcontrol are returned.  With --with-ssh
# information from sshcontrol is always added to the info. Unless --data
# is given, the information is returned as a status line using the 
#   KEYINFO <keygrip> <type> <serialno> <idstr> - - <fpr> <ttl> <flags>
# KEYGRIP is the keygrip.
# TYPE describes the type of the key:
#     'D' - Regular key stored on disk,
#     'T' - Key is stored on a smartcard (token),
#     'X' - Unknown type,
#     '-' - Key is missing.
# SERIALNO is an ASCII string with the serial number of the
#          smartcard.  If the serial number is not known a single
#          dash '-' is used instead.
# IDSTR is the IDSTR used to distinguish keys on a smartcard.  If it
#       is not known a dash is used instead.
# FPR returns the formatted ssh-style fingerprint of the key.  It is 
#     printed if the option --ssh-fpr has been used.  It defaults to 
# TTL is the TTL in seconds for that key or '-' if n/a.
# FLAGS is a word consisting of one-letter flags:
#       'D' - The key has been disabled,
#       'S' - The key is listed in sshcontrol (requires --with-ssh),
#       'c' - Use of the key needs to be confirmed,
#       '-' - No flags given.
# More information may be added in the future.
> keyinfo --list

I just can't think of how to pick out the right key now... What little 
detail is eluding me?



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list