Use a GPG key for SSH authentication

Preconditions

The following commands are available:
– gpg
– ssh
– gpg-agent

Configuration

Linux

use-agent

enable-ssh-support

# The agent's SSH endpoint is a Unix socket, so test with -S (not -f).
SSH_AUTH_SOCK=/run/user/$UID/gnupg/S.gpg-agent.ssh
if [ -S "$SSH_AUTH_SOCK" ] ; then
    export SSH_AUTH_SOCK
else
    # No socket yet: start the agent and import the variables it prints.
    eval "$( gpg-agent --daemon )"
fi

macOS

use-agent

enable-ssh-support
write-env-file ~/.gpg-agent-info

# Reuse a running agent if its env file points at a live socket.
[ -f ~/.gpg-agent-info ] && source ~/.gpg-agent-info
if [ -S "${GPG_AGENT_INFO%%:*}" ]; then
    export GPG_AGENT_INFO
    export SSH_AUTH_SOCK
    export SSH_AGENT_PID
else
    # Otherwise start the agent and import the variables it prints.
    eval "$( gpg-agent --daemon --write-env-file ~/.gpg-agent-info )"
fi

Postconditions

In the output of

$ ssh-add -L

an extra public key will be shown
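
A stricter version of this postcondition check, as an added example that is not part of the original page: it confirms that SSH_AUTH_SOCK really points at gpg-agent's own socket before trusting the ssh-add output. The function names are hypothetical, and it assumes a GnuPG version whose gpgconf reports agent-ssh-socket.

```shell
#!/bin/sh
# Added example: verify that ssh will talk to gpg-agent's SSH socket.
# classify_sock and check_gpg_ssh are hypothetical names.

# classify_sock SOCK [EXPECTED]
# Prints one word describing SOCK; returns 0 only for "ok".
classify_sock() {
    sock=$1
    expected=${2:-}
    if [ -z "$sock" ]; then
        echo unset; return 1
    fi
    # A different path means another agent (ssh-agent, a keyring) owns the variable.
    if [ -n "$expected" ] && [ "$sock" != "$expected" ]; then
        echo other-agent; return 1
    fi
    if [ ! -e "$sock" ]; then
        echo missing; return 1
    fi
    # -S, not -f: the agent endpoint is a Unix socket, never a regular file.
    if [ ! -S "$sock" ]; then
        echo not-a-socket; return 1
    fi
    # A socket owned by another user is not this user's agent.
    if [ ! -O "$sock" ]; then
        echo foreign-owner; return 1
    fi
    echo ok
}

# check_gpg_ssh: run the full check against the live environment.
check_gpg_ssh() {
    # Ask GnuPG where its SSH socket lives (assumes gpgconf supports this key).
    expected=$(gpgconf --list-dirs agent-ssh-socket 2>/dev/null) || expected=
    state=$(classify_sock "${SSH_AUTH_SOCK:-}" "$expected") || {
        echo "SSH_AUTH_SOCK: $state" >&2
        return 1
    }
    # ssh-add -L exits 0 only when the agent is reachable and holds a key.
    ssh-add -L >/dev/null 2>&1 || {
        echo "agent unreachable or no keys listed" >&2
        return 1
    }
    echo "SSH_AUTH_SOCK: $state"
}
```

Run check_gpg_ssh in a new login shell after applying the configuration; a result of other-agent means a different SSH agent set the variable first.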

Notes

Tested on
– Debian Stretch
– Ubuntu 16.10

Reference

  1. How to use a GPG key for SSH authentication:
    https://www.linode.com/docs/security/gpg-key-for-ssh-authentication
