GPG/YubiKey/CentOS7
Werner Koch
wk at gnupg.org
Sat Jun 22 10:04:09 CEST 2019
On Fri, 21 Jun 2019 18:42, gnupg-users at gnupg.org said:
> Even though I have had GPG and YubiKey running a few times on CentOS7
Which GnuPG version does it come with: "gpg --version". Does it install
gpg under the name gpg2 and provides the legacy GnuPG 1.4 under the name
gpg ?
> [p42547 at cswks20~] > ssh-add -l
> error fetching identities for protocol 1: agent refused operation
> 2048 SHA256:dj02A/DHL0RKuJuMLBX14CaQ6RriT0uqY0sXqTNPoW4
> cardno:000609042340 (RSA)
To see what the problem is you neeed to add these lines to
~/.gnupg/gpg-agent.conf
--8<---------------cut here---------------start------------->8---
log-file /tmp/p42547-agent.log
verbose
debug ipc
--8<---------------cut here---------------end--------------->8---
restart gpg-agent and run ssh-add-l again.
> [p42547 at cswks20~] > gpg --export-secret-keys $KEYID | openpgp2ssh $KEYID
> We cannot handle encrypted secret keys. Skipping!
I don't know this openpgp2ssh thingie. To export an OpenPGP key as an
openpgp _public_ key in ssh format use
gpg -a --export-ssh-key FINGERPRINT
You may need to append a '!' to the fingerprint to export a specific
subkey.
> gpg --export-secret-keys C5778901 gives me an asci file that then
You need to add the option -a to get in in ASCII format.
> complains about not being openpgp it also is missing the cardno in the
The cardno is has no important information; it is merely there so that
the agent can prompt you to insert the expected card.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190622/92471077/attachment.sig>
More information about the Gnupg-users
mailing list