Using gpg for ssh (Maximum Portability)

Peter Lebbing peter at digitalbrains.com
Wed Jun 21 19:17:44 CEST 2017


On 18/06/17 03:48, Christopher Jones wrote:
> It's a task to setup gpg on new boxes: Import pub key, ultimately trust
> my key, and muck around with gpg and ssh agents.

If all you want to do is SSH, you don't need your key, so it reduces to
"muck around with gpg and ssh agents". As long as gpg-agent is correctly
configured to be an SSH agent, it will automagically use a plugged in
OpenPGP card with material in the Auth slot to do SSH authentication. No
OpenPGP key needed at all!

Configuring gpg as an SSH agent for Linux in the easiest way is very,
very distribution dependent. If you're lucky, it's a single switch
somewhere. systemd, or Xsession, or something similar.

And for non-Linux, I have no experience with that.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170621/6a312088/attachment.sig>


More information about the Gnupg-users mailing list