Help with SSH and GPG subkey for authentication

Peter Lebbing peter at digitalbrains.com
Sat Feb 23 14:10:49 CET 2019


On 23/02/2019 12:43, Chris Coutinho wrote:
> I'm not exactly sure what the difference is between that and a fingerprint

A key's fingerprint is something specific to OpenPGP. It includes
OpenPGP-specific information and formats. As such, it is undefined for
an OpenSSH key or a CMS (X.509) key; it simply doesn't exist.

A keygrip is a short representation of an asymmetric keypair's actual
public key material. For example, it is the same for an RSA key whether
that key is used for an OpenPGP key, an OpenSSH key or a CMS key.
gpg-agent works with keygrips because it provides services to all of
OpenPGP, SSH and CMS. And it allows you to use the same material in
multiple formats that way, such as with the Authentication subkey.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190223/24f526ae/attachment.sig>


More information about the Gnupg-users mailing list