- Référence externe : https://wiki.debian.org/Subkeys
GPG key is actually a collection of keys. There is one primary key, which is typically used only for signing and certification.
suggested usage of GPG is to create a subkey for encryption
use a subkey that has been created for authentication to complete SSH connections
authentication subkey will completely replace the keypair you may have generated in the past with ssh key-gen. You can create as many of these as you want if you need multiple SSH keys.
get gpg-agent to handle requests from SSH, you need to enable support by adding the line enable-ssh-support to the ~/.gnupg/gpg-agent.conf
specify the keys in the ~/.gnupg/sshcontrol
keygrips—internal identifiers gpg-agent uses to refer to keys.
Unlike a key hash, a keygrip refers to both the public and private key
find the keygrip, use gpg2 -K –with-keygrip
SSH_AUTH_SOCK=$(gpgconf –list-dirs agent-ssh-socket)
sec# instead of just sec for your gpg private key means the secret key is not really there.
Verify that gpg -K shows a sec# instead of just sec for your private key. That means the secret key is not really there.
Notes pointant ici
- associating an email with your GPG key
- polymorphic command line interface (in clk)
- pour changer/éditer ma clé gpg
- why do I type my gpg passphrase 3 times at boot?