use gpg-agent for ssh login

Jonas Hegemann jonas.hegemann at
Thu May 3 10:09:33 CEST 2018


I'm trying to configure gpg-agent and SSH with a GnuPG Key Card Version
3.3, but ssh only drops the message: "the agent has no identities." in
response to "ssh-add -L".

My system:
Linux (K)ubuntu 16.04

My software versions:
gpg 1.4.20
gpg-agent 2.1.11
libgcrypt 1.6.5

My configuration:
Starting the agent:
killall scdaemon
killall gpg-agent
eval $( gpg-agent --daemon --enable-ssh-support )
Setting the environment variables:
GPG_TTY=/dev/pts/1 (corresponding to used terminal)

note that 2588 is the PID of the gpg-agent here.
scdaemon is running (started by gpg-agent)
pcscd is NOT running.


default-cache-ttl 21600
default-cache-ttl-ssh 21600
pinentry-program /usr/bin/pinentry-gtk-2

After carefully reviewing my configuration and restarting my agent I still
get a message "The agent has no identities." in response to "ssh-add -L".
However, the status of the smart-card looks fine and all the keys are
present on the card. Why does ssh not see the keys? Does anyone have a
suggestion for changes? Are there specific issues with the card version

Thanks in advance

More information about the Gnupg-users mailing list