Konubinix' site

Trying to Use Gpg to Deal With My Ssh Connections

Fleeting

Following the guide from https://opensource.com/article/19/4/gpg-subkeys-ssh-multiples

As a matter of fact, I already used gpg to deal with my ssh keys, using gpg-agent --enable-ssh-support and adding the key with a simple call to ssh-add.

Therefore, I don’t need the part of exporting the ssh key since it is already in the keyring.

I can simply find the keygrip in ~/.gnupg/sshcontrol and insert this key in my primary keyring only for authentication purposes.
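An added example (not part of the original note or of the linked article): a small shell helper that reads the sshcontrol file mentioned above and lists the keygrips gpg-agent has registered for ssh, with their state, TTL and flag. The function names and the sample keygrips are made up for illustration.

```shell
#!/bin/sh
# Added example: list the keygrips recorded in gpg-agent's sshcontrol file.
# Entry format per the gpg-agent documentation: optional "!" (entry disabled),
# a 40-hex-digit keygrip, then an optional cache TTL in seconds and an
# optional flag ("confirm"). Lines starting with "#" are comments.

# Print "state<TAB>keygrip<TAB>ttl<TAB>flag" for every entry of FILE (or stdin).
# Returns non-zero if a line does not hold a well-formed keygrip.
list_sshcontrol_keygrips() {
    awk '
        /^[ \t]*#/ { next }                  # comment
        NF == 0    { next }                  # blank line
        {
            state = "enabled"; grip = $1
            if (substr(grip, 1, 1) == "!") { # "!" prefix disables the entry
                state = "disabled"; grip = substr(grip, 2)
            }
            if (length(grip) != 40 || grip !~ /^[0-9A-Fa-f]+$/) {
                print "line " NR ": not a keygrip" > "/dev/stderr"
                bad = 1; next
            }
            ttl  = (NF >= 2) ? $2 : "0"      # 0 or absent: agent default TTL
            flag = (NF >= 3) ? $3 : "-"
            printf "%s\t%s\t%s\t%s\n", state, toupper(grip), ttl, flag
        }
        END { exit bad + 0 }
    ' "$@"
}

# Print only the keygrips of entries that are not disabled with "!".
enabled_keygrips() {
    list_sshcontrol_keygrips "$@" | awk -F '\t' '$1 == "enabled" { print $2 }'
}

# Constructed sample file contents (made-up keygrips, not real keys).
sample_sshcontrol() {
    cat <<'EOF'
# Constructed sample
0123456789ABCDEF0123456789ABCDEF01234567 0
  89abcdef0123456789abcdef0123456789abcdef 600 confirm
!FEDCBA9876543210FEDCBA9876543210FEDCBA98 0
EOF
}

# Demo on the sample; on a real system pass ~/.gnupg/sshcontrol instead.
sample_sshcontrol | list_sshcontrol_keygrips
```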

Well, the following commands will show I was wrong.

$ gpg --expert --edit-key mykey
addkey
13
thekeygrip
a
s
e
q
save

The key is imported, but it has the ssh-passphrase in it, so I cannot make it use the gpg secret key one.

Also, trying to directly import the ssh key into my keyring makes the ssh client not able to use the key. I don’t know why.

I eventually used a temporary keyring and imported the ssh key, as indicated in the article, and it worked fine.

In the future, I might want to remember to follow the advice of https://opensource.com/article/19/4/gpg-subkeys-ssh-manage to deal with the ssh key fingerprint.
