Using a GnuPG crypted RSA key for SSH
Henning Follmann
hfollmann at itcfollmann.com
Thu May 2 13:44:04 CEST 2024
On Thu, May 02, 2024 at 10:33:15AM +0200, Matthias Apitz wrote:
> El día jueves, mayo 02, 2024 a las 08:17:58 +0200, Werner Koch via Gnupg-users escribió:
>
> > ...
> > On Linux take care to add "enable-ssh-support" to gpg-agent.conf because
> > on some distros the X config greps for this to decide whether to start
> > the ssh-agent or leave this to gpg-agent. Technically the ssh support is
> > always enabled and thus the option is not really required.
>
[deleted]
I do not know what you did, but that looks like a mess
Your pinentry was working before (I guess) and you should not change
anything there.
And there is no need for using trace - way too complicated!
as Werner said add
enable-ssh-support
to your ~/.gnupg/gpg-agent.conf
You might also create a ~/.gnupg/sshcontrol and add the keygrip of your
authentication subkey in there
and then finally tell ssh where to find the ssh-agnet socket. gpg will tell
you that by:
gpgconf --list-dirs agent-ssh-socket
just put
export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
in your ~/.bashrc
and because gpg-agent does not usually run as deamon make shure it is
running before you use ssh
gpgconf --launch gpg-agent
You also could add that to your .bashrc
-H
--
Henning Follmann | hfollmann at itcfollmann.com
More information about the Gnupg-users
mailing list