Using a GnuPG crypted RSA key for SSH

Matthias Apitz guru at
Thu May 2 15:31:25 CEST 2024

> I run the L5 with its OpenPGP card sind 2021 and I don't remember the
> exact setup now. In any case, gpg-agent is there after any reboot.

One issue remains with the now working OpenPGP card for SSH: When the
correct PIN was provided the card remains unlocked, regardless if or not
the SSH session was successful. This is a security problem: On mobile
theft all gpg files are open. Until now I only used the pass command from
password-store and added at its end:

purism at pureos:~$ tail -4 /usr/bin/pass
gpgconf --reload scdaemon
sleep 2
exit 0

which locks the card again. Any ideas?


Matthias Apitz, ✉ guru at, +49-176-38902045
Public GnuPG key:

I am not at war with Russia.
Я не воюю с Россией.
Ich bin nicht im Krieg mit Russland.

More information about the Gnupg-users mailing list