On Fri, Jan 5, 2024 at 2:43 PM Werner Koch wrote:
> That is right. The ssh-agent protocol has no means to tell the
> ssh-agent or gpg-agent some important environment cariabales, like the
> current tty or DISPLAY.
Interesting, thanks for the look behind the scenes!
> I am so used to run the
On Fri, 5 Jan 2024 10:07, Felix E. Klee said:
>> gpg-connect-agent updatestartuptty /bye
>
> or otherwise, I get no PIN entry dialog / prompt
That is right. The ssh-agent protocol has no means to tell the
ssh-agent or gpg-agent some important environment cariabales, like the
current tty or
On Fri, Nov 24, 2023 at 9:09 AM Felix E. Klee wrote:
> In addition, I need:
>
> gpg-connect-agent updatestartuptty /bye
or otherwise, I get no PIN entry dialog / prompt
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
Thanks, Ingo!
Looking at my log, I realize that I indeed uploaded the primary key when
I did `keytocard`. I did not do `key 2` to select the authentication sub
key. Instead I was assuming that GnuPG does automatically select the
right sub key. There was a warning about moving the primary key,
Thanks, Ingo!
Looking at my log, I realize that I indeed uploaded the primary key when
I did `keytocard`. I did not do `key 2` to select the authentication sub
key. Instead I was assuming that GnuPG does automatically select the
right sub key. There was a warning about moving the primary key,
On Mittwoch, 27. Dezember 2023 13:40:40 CET Felix E. Klee wrote:
> Thanks for pointing out that the signature key and the authentication
> keys are identical:
>
> $ gpg --card-status
[...]
> Authentication key: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E
> D589
> created
Thanks for pointing out that the signature key and the authentication
keys are identical:
$ gpg --card-status
[…]
Signature key : 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E
D589
created : 2023-06-29 03:50:43
Encryption key: DBBD 3239 D0F1 4326 808D
Thanks for pointing out that the signature key and the authentication
keys are identical:
$ gpg --card-status
[…]
Signature key : 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E
D589
created : 2023-06-29 03:50:43
Encryption key: DBBD 3239 D0F1 4326 808D
On Mittwoch, 29. November 2023 03:52:36 CET Felix E. Klee wrote:
> So `gpg --card-status` imports [SC] and [E], but not [A]:
>
> $ rm ~/.gnupg/private-keys-v1.d/*
> $ ls -a1 ~/.gnupg/private-keys-v1.d/
> .
> ..
> $ gpg --card-status
> […]
> Signature key : 7A0F
So `gpg --card-status` imports [SC] and [E], but not [A]:
$ rm ~/.gnupg/private-keys-v1.d/*
$ ls -a1 ~/.gnupg/private-keys-v1.d/
.
..
$ gpg --card-status
[…]
Signature key : 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E
D589
created : 2023-06-29
On Thu, Nov 23, 2023 at 10:17 AM Felix E. Klee
wrote:
> Can you explain why the output of `ssh-add -L` did not change? Also
> why is it not the same as the output from `gpg --export-ssh-key
> yubi...@f76.eu`?
OK, I may have found the issue:
$ grep -rl Use-for-ssh
On Thu, Nov 23, 2023 at 2:19 PM Stephan Verbücheln via Gnupg-users
wrote:
> Host gitlab.com
> HostName gitlab.com
> User git
> IdentityAgent ${XDG_RUNTIME_DIR}/gnupg/S.gpg-agent.ssh
Thanks, that works. Even the variable is expanded.
In addition, I need:
gpg-connect-agent
Another convenient way is to use “~/.config/ssh”. This allows different
configurations per host without changing your global environment.
Example:
Host gitlab.com
HostName gitlab.com
User git
IdentityAgent ${XDG_RUNTIME_DIR}/gnupg/S.gpg-agent.ssh
Regards
Stephan
signature.asc
On Wed, Nov 22, 2023 at 8:57 PM Werner Koch wrote:
> Here is the snippet from by ~/.bashrc
I have a similar config. Thank you for the detailed explanation!
Only the following line does not work right after autologin (default
with Ubuntu / WSL2), seems like something is not ready yet.
On Tue, Nov 21, 2023 at 12:38 AM Ingo Klöcker wrote:
> $ gpg --export-ssh-key 1B6ED589
Thanks, this worked! I then added the key on the remote system to:
~/.ssh/authorized_keys
However, I could not log in. SSH reports:
Permission denied (publickey).
I then tried exporting the key
On Wed, 22 Nov 2023 19:39, Felix E. Klee said:
> However, I could not log in. SSH reports:
>
> Permission denied (publickey).
You need to make sure that the gpg-agent is running and the
SSH_AUTH_SOCK envvar is set correctly. Here is the snippet from by
~/.bashrc
--8<---cut
On Tue, Nov 21, 2023 at 12:38 AM Ingo Klöcker wrote:
> $ gpg --export-ssh-key 1B6ED589
Thanks, this worked! I then added the key on the remote system to:
~/.ssh/authorized_keys
However, I could not log in. SSH reports:
Permission denied (publickey).
I then tried exporting the key
On Montag, 20. November 2023 09:24:32 CET Felix E. Klee wrote:
> $ gpg --list-keys --keyid-format SHORT yubi...@f76.eu
> pub rsa4096/1B6ED589 2023-06-29 [SC]
> 7A0FE73DDB744F0F97341DA71BE349D11B6ED589
> uid [ultimate] Felix E. Klee (YubiKey)
> sub
I added an authentication key to my existing key .
$ gpg --edit-key --expert yubi...@f76.eu
> addkey
I selected:
8: RSA (set your own capabilities)
S: disable sign capability
E: disable encrypt capability
A: enable authenticate capability
4096: key size
0: expiry
19 matches
Mail list logo