Use a GPG key for SSH authentication

Preconditions

The following commands can be executed:
– gpg
– ssh
– gpg-agent

Configuration

Linux

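use-agent
enable-ssh-support

# Point ssh at gpg-agent's SSH socket; start the agent if the socket is absent.
SSH_AUTH_SOCK=/run/user/$UID/gnupg/S.gpg-agent.ssh
if [ -S "$SSH_AUTH_SOCK" ] ; then   # -S tests for a socket; -f never matches one
    export SSH_AUTH_SOCK
else
    eval "$( gpg-agent --daemon )"
fi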

macOS

use-agent
enable-ssh-support
write-env-file ~/.gpg-agent-info

# Reuse a running agent recorded in ~/.gpg-agent-info; otherwise start one.
[ -f ~/.gpg-agent-info ] && source ~/.gpg-agent-info
if [ -S "${GPG_AGENT_INFO%%:*}" ]; then
    export GPG_AGENT_INFO
    export SSH_AUTH_SOCK
    export SSH_AGENT_PID
else
    eval "$( gpg-agent --daemon --write-env-file ~/.gpg-agent-info )"
fi

Postconditions

In the output of

$ ssh-add -L

an extra public key will be shown.
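
A small diagnostic for this setup, added here as an example and not part of the original post: it checks that enable-ssh-support is active, that SSH_AUTH_SOCK is a real socket rather than a regular file or a stale path, and that the ssh-add -L output lists a key. The function names are hypothetical, and ~/.gnupg/gpg-agent.conf in the usage comment assumes GnuPG's default home directory.

```shell
#!/bin/sh
# Added example: diagnose a gpg-agent SSH setup. The function names are
# hypothetical helpers, not part of GnuPG or OpenSSH.

# True if enable-ssh-support is an active (uncommented) option in the file.
conf_has_ssh_support() {
    [ -r "$1" ] && grep -Eq '^[[:space:]]*enable-ssh-support[[:space:]]*$' "$1"
}

# Classify a socket path: unset, socket, not-a-socket or missing.
sock_state() {
    if [ -z "$1" ]; then echo unset
    elif [ -S "$1" ]; then echo socket
    elif [ -e "$1" ]; then echo not-a-socket
    else echo missing
    fi
}

# Count public keys in `ssh-add -L` output read from stdin. The message
# "The agent has no identities." and blank lines are not counted.
count_agent_keys() {
    grep -Ec '^(ssh-|ecdsa-|sk-)[^[:space:]]+[[:space:]]+[A-Za-z0-9+/=]+' || true
}

# Usage (assumes the default GnuPG home directory):
#   ssh-add -L 2>/dev/null | gpg_ssh_diagnose ~/.gnupg/gpg-agent.conf "$SSH_AUTH_SOCK"
# Prints one finding; returns 0 only when all three checks pass.
gpg_ssh_diagnose() {
    conf_has_ssh_support "$1" || {
        echo "enable-ssh-support not active in $1"; return 1; }
    state=$(sock_state "$2")
    [ "$state" = socket ] || {
        echo "SSH_AUTH_SOCK is $state: $2"; return 2; }
    keys=$(count_agent_keys)
    [ "$keys" -gt 0 ] || {
        echo "agent reachable but lists no keys"; return 3; }
    echo "ok: $keys key(s) offered by the agent"
}
```

A return code of 2 with "not-a-socket" or "missing" means ssh is not talking to gpg-agent, even if the variable is exported.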

Notes

Tested on
– Debian Stretch
– Ubuntu 16.10

Reference

  1. How to use a GPG key for SSH authentication:
    https://www.linode.com/docs/security/gpg-key-for-ssh-authentication
