Werner Koch wrote:
If that is an 1024 bit RSA key, this is indeed possible. The HOWTO will tell you:
http://www.gnupg.org/documentation/howtos.html#GnuPG-cardHOWTO
In short: Use gpg --edit-key and then the command keytocard. The problem might be to convert an SSH key to a GnuPG key. There is no instant solution for 1.4 - with 1.9 and the gpg-agent SSH support is included and a mere ssh-add will be suffcient; but well the key is then stored in gpg-agent's own format.
In general I do not suggest to do this at all. Better generate a new key on-card and use this as your new ssh key. It is pretty simple to change your ssh key and this allows you to slowly retire your old ssh key.
OK, I've generated an authentication key within GPG on the card.
Now there are some questions left ;-)
How to get this special public key out of the complete public-key of this GPG ID?
I've tried gpg -a --export KEYID but I'm not sure if this is the correct format for SSH usage.
The other thing is (more an OpenSSH question) how to tell openssh to use the key from the card?
Thanks, Wolfgang
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
