No SSH public key authentication using smartcard

Thomas t.schneider at
Sat Nov 25 10:02:22 CET 2023

I'm trying to configure a solution for this use case:
SSH                  SSH
Client                ---->    Jumphost    ---->    Server
(Windows 11)                   (Linux)              (Linux)

I connect a Nitrokey security-token (that is comparable to Yubikey) with 
OpenPGP keys to my client.
And I want to use this Nitrokey for SSH login to remote servers.

For this I installed GPG4Win on my client and configured file 
To Enable support for PuTTY
To Enable support for the native Microsoft OpenSSH binaries (requires 
gpg 2.4.0 / Gpg4win 4.1.0 or higher)
default-cache-ttl 600
max-cache-ttl 7200

Then I  (re-) start the gpg-agent and try to SSH into the Jumphost using 
command ssh <fqdn-jumphost> in Windows PowerShell.
Here I get a popup window where I must enter the PIN previously set on 
After this I'm connected to the jumphost (Linux).

Now I want to connect to the server using command ssh <fqdn-server>, 
however I need to enter a password.
This means public key authentication fails.
And I think this fails because SSH agent forwarding is not working.

Can you please advise how to SSH agent forwarding in my setup correctly?


More information about the Gnupg-users mailing list