List: gpg4win-users-en
Subject: Re: [Gpg4win-users-en] Using gpg4win with OpenSSH and Git
From: Marko Božiković <bozho () kset ! org>
Date: 2015-02-20 15:23:25
Message-ID: 54E7516D.4060506 () kset ! org
On 19/02/2015 19:37, Werner Koch wrote:
> On Thu, 19 Feb 2015 16:32, bozho@kset.org said:
>
>> I've picked up GnuPG again after a few years and I was wondering is it
>> possible to use gpg4win in its current state for OpenSSH authentication and
>> git SSH authentication and commit signing using gpg-agent.
>
> On Windows you can't use it with OpenSSH. AFAIK, OpenSSH is not
> available as native application but only as a Cygwin binary. This could
> be made to work somehow but it has not been done. However, Putty is
> supported: If you add "enable-putty-support" to gpg-agent.conf,
> gpg-agent will work as a Pageant replacement. You should fire up
> gpg-agent before Pageant, though.

I have two more questions:

1. I can't seem to export public subkeys with the gpg command line utility.
According to gpg docs, giving a key ID when exporting keys will export only
that key (and its subkeys, if there are any). However, running:

    gpg --armor --export > all.gpg
    gpg --armor --export <master key ID> > master.gpg
    gpg --armor --export <subkey ID> > subkey.gpg

produces three identical files, with both the master key and an authenticating
subkey. Is that a bug, or am I doing something wrong?

2. Msysgit and gpg-agent. MSysGit works with Pageant (putty authenticating
agent) to handle SSH keys. Now, I currently use Pageant to load a github
secret key from a file and serve it to git when needed (works fine from both
command line and tortoisegit).
I tried replacing pageant with Gpg4Win's gpg-agent, but had no luck. I've
created a new keyring in gpg: one master SC key and one authenticating subkey.
I've exported the public subkey, converted it to the SSH format and uploaded
it to Github. It seems that gpg-agent doesn't pick up my authenticating
subkey, because if I remove my old github SSH key and try to clone a repo, I
get an authentication error. If I add my old SSH github public key back to my
Github account and instruct git to load a private key from a file, gpg-agent
creates a "private-keys-v1.d" subdirectory in my gnupg dir and seems to store
the (old) private key there. As long as it's there, I can clone github repos
without instructing git to load private key from a file, so it seems that
gpg-agent is serving it correctly.
So, basically, the question here is how to make gpg-agent see my gpg keys and
use them? Does the subkey need to have other capabilities in addition to
authentication?
Thank you,
--
Marko
_______________________________________________
Gpg4win-users-en mailing list
Gpg4win-users-en@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/gpg4win-users-en