GPG agent forwarding multiple yubikeys with distinct public keys/subkeys over SSH

Christian Chavez x10an14 at gmail.com
Wed Jun 23 11:38:16 CEST 2021


Hi!

# Background
Ref: https://lists.gnupg.org/pipermail/gnupg-users/2021-June/065212.html,
I'm now in a situation where I've got a GPG pub/priv (not subkeys) key-pair
used for work-purposes, and one for personal/private purposes (read:
separate identities). Each GPG pub/priv key-pair resides on each their own
yubikey, and I bring the yubikeys with me when I move from say work laptop
to personal laptop.

# Motivation
I would like to be able to connect multiple yubikeys representing multiple
opengpg pub/priv key-pairs/identities to the same _client_, and make use of
_both_ on a remote I've SSH'ed to (using one of the yubikeys), without
having to reboot/restart machine/gpg-agent/ssh connection.

# Initial research effort
Is this possible? None of the guides/how-to's I've found seem to cover this
use-case where you've got multiple GPG identities on multiple yubikeys
where you'd like to encrypt/authenticate/sign with both on a remote over
SSH.

There many guides online describing how to enable gpg agent forwarding,
like:
- https://mlohr.com/gpg-agent-forwarding/
- https://superuser.com/a/884602
- https://github.com/drduh/YubiKey-Guide#using-multiple-keys

None of the above (IIUC) describe/cover my use-case, is this even supported?

And if so, how?

-- 
Med vennlig hilsen/Kind regards,
Christian Chavez
Phone/Tlf: +47 922 22 603
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210623/a0404f56/attachment-0001.html>


More information about the Gnupg-users mailing list