Learning about authentication

NIIBE Yutaka gniibe at fsij.org
Sat Nov 25 02:19:39 CET 2023


Daniel Cerqueira wrote:
> I want to know a bit, on how authentication and authorization works in
> GnuPG.

Do you mean authentication subkey in GnuPG?  It's basically
user-defined;  It's up to user how it is used.

Usually, it means use with OpenSSH.  For example, I have an
authentication subkey as my OpenPGP key.  I use it with GnuPG, when I
accesss git repo with OpenSSH.  SSH authentication is done by OpenSSH
and ssh-agent emulation of gpg-agent.  It means that the key is under
control of GnuPG, actually.

(Other possible use case is use with Scute for X.509 client certificate
authentication, together with Web browser.  This is not that
common/popular, though.)

FYI, I wrote this ten years ago:

    Using GPG's authentication key for SSH access:

Hope this helps,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20231125/cf6428b0/attachment-0001.sig>

More information about the Gnupg-users mailing list