Cannot export SSH public key

Felix E. Klee felix.klee at
Wed Nov 22 12:39:30 CET 2023

On Tue, Nov 21, 2023 at 12:38 AM Ingo Klöcker <kloecker at> wrote:
> $ gpg --export-ssh-key 1B6ED589

Thanks, this worked! I then added the key on the remote system to:


However, I could not log in.  SSH reports:

    Permission denied (publickey).

I then tried exporting the key using `ssh-add`:

    ssh-add -L >~/.ssh/

If I add this key to `authorized_keys`, I can log in, after unlocking my
Yubikey with a PIN. Great! Or not, read on.

Now it gets a bit weird: Apparently the key exported by `ssh-add` is not
tied to my authentication key! I noticed this because I replaced the
authentication key. They key exported by `ssh-add` did not change. I can
still log in using that key. So I assume that key is based on the my
signature key `1B6ED589`:

    $ gpg --list-keys --keyid-format SHORT yubikey at
    pub   rsa4096/1B6ED589 2023-06-29 [SC]
    uid         [ultimate] Felix E. Klee (YubiKey) <yubikey at>
    sub   rsa4096/D2E31736 2023-06-29 [E]
    sub   rsa4096/877CC64B 2023-11-22 [A]

Should I better use the authentication key exported by GPG for SSH? But
how to make that work?

More information about the Gnupg-users mailing list