[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: Cannot export SSH public key
From: "Felix E. Klee" <felix.klee () inka ! de>
Date: 2023-11-22 11:39:30
Message-ID: CA+m_8J3_a7Gnx5L-2xN8GitO1SWSc+EE983PSF1QYmz=cy+kjA () mail ! gmail ! com
[Download RAW message or body]
On Tue, Nov 21, 2023 at 12:38 AM Ingo Klöcker <kloecker@kde.org> wrote:
> $ gpg --export-ssh-key 1B6ED589
Thanks, this worked! I then added the key on the remote system to:
~/.ssh/authorized_keys
However, I could not log in. SSH reports:
Permission denied (publickey).
I then tried exporting the key using `ssh-add`:
ssh-add -L >~/.ssh/id_rsa.pub
If I add this key to `authorized_keys`, I can log in, after unlocking my
Yubikey with a PIN. Great! Or not, read on.
Now it gets a bit weird: Apparently the key exported by `ssh-add` is not
tied to my authentication key! I noticed this because I replaced the
authentication key. They key exported by `ssh-add` did not change. I can
still log in using that key. So I assume that key is based on the my
signature key `1B6ED589`:
$ gpg --list-keys --keyid-format SHORT yubikey@f76.eu
pub rsa4096/1B6ED589 2023-06-29 [SC]
7A0FE73DDB744F0F97341DA71BE349D11B6ED589
uid [ultimate] Felix E. Klee (YubiKey) <yubikey@f76.eu>
sub rsa4096/D2E31736 2023-06-29 [E]
sub rsa4096/877CC64B 2023-11-22 [A]
Should I better use the authentication key exported by GPG for SSH? But
how to make that work?
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic