No SSH public key authentication using smartcard
Thomas
t.schneider at getgoogleoff.me
Sat Nov 25 10:02:22 CET 2023
Hello,
I'm trying to configure a solution for this use case:
               SSH               SSH
Client        ---->  Jumphost   ---->  Server
(Windows 11)         (Linux)           (Linux)
I connect a Nitrokey security-token (that is comparable to Yubikey) with
OpenPGP keys to my client.
And I want to use this Nitrokey for SSH login to remote servers.
For this I installed GPG4Win on my client and configured file
gpg-agent.conf:
enable-ssh-support
# To enable support for PuTTY
enable-putty-support
# To enable support for the native Microsoft OpenSSH binaries (requires
# gpg 2.4.0 / Gpg4win 4.1.0 or higher)
enable-win32-openssh-support
use-standard-socket
default-cache-ttl 600
max-cache-ttl 7200
Then I (re-) start the gpg-agent and try to SSH into the Jumphost using
command ssh <fqdn-jumphost> in Windows PowerShell.
Here I get a popup window where I must enter the PIN previously set on
Nitrokey.
After this I'm connected to the jumphost (Linux).
Now I want to connect to the server using command ssh <fqdn-server>,
however I need to enter a password.
This means public key authentication fails.
And I think this fails because SSH agent forwarding is not working.
Can you please advise how to set up SSH agent forwarding in my setup correctly?
THX
Thomas