Hi, Werner, all.
Please let me take this opportunity to ask you for trustable documentation,
or any other resource, which could help interested users like myself in
providing the gpg-agent with ssh client and daemon errands, on both fresh
and not-so-fresh OS installs. Please consider SELinux contexts if possible.
Regards,
Marcio Barbado, Jr.
On Thu, 28 Mar 2024 at 07:01 Werner Koch via Gnupg-users <
gnupg-users@gnupg.org> wrote:
> On Thu, 28 Mar 2024 08:26, Damien Cassou said:
>
> > Is that a problem? Am I missing something important? It seems this
> > causes me the troubles mentioned at [1].
>
> Your subkeys are all stored on a smartcard. The primary key is online.
> This is as intended. If you remove the the primary private key
> (<keygrip>.key) You should see a '#' mark for the primary key.
>
> > My private master key is symlinked in ~/.gnupg/private-keys-v1.d:
>
> That is intended to work but has not been thoroughly tested.
>
> > [1] https://github.com/pinpox/pgp2ssh/issues/6
>
> That reminds me that we have a function export_secret_ssh_key but it
> will always fail with a not-implemented error ;-). Noone of the core
> hackers felt a need for it. For example I have not used anything else
> than gpg-agent based ssh access since 2005.
>
>
> Shalom-Salam,
>
> Werner
>
>
> --
> The pioneers of a warless world are the youth that
> refuse military service. - A. Einstein
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> https://lists.gnupg.org/mailman/listinfo/gnupg-users
>
Please let me take this opportunity to ask you for trustable documentation,
or any other resource, which could help interested users like myself in
providing the gpg-agent with ssh client and daemon errands, on both fresh
and not-so-fresh OS installs. Please consider SELinux contexts if possible.
Regards,
Marcio Barbado, Jr.
On Thu, 28 Mar 2024 at 07:01 Werner Koch via Gnupg-users <
gnupg-users@gnupg.org> wrote:
> On Thu, 28 Mar 2024 08:26, Damien Cassou said:
>
> > Is that a problem? Am I missing something important? It seems this
> > causes me the troubles mentioned at [1].
>
> Your subkeys are all stored on a smartcard. The primary key is online.
> This is as intended. If you remove the the primary private key
> (<keygrip>.key) You should see a '#' mark for the primary key.
>
> > My private master key is symlinked in ~/.gnupg/private-keys-v1.d:
>
> That is intended to work but has not been thoroughly tested.
>
> > [1] https://github.com/pinpox/pgp2ssh/issues/6
>
> That reminds me that we have a function export_secret_ssh_key but it
> will always fail with a not-implemented error ;-). Noone of the core
> hackers felt a need for it. For example I have not used anything else
> than gpg-agent based ssh access since 2005.
>
>
> Shalom-Salam,
>
> Werner
>
>
> --
> The pioneers of a warless world are the youth that
> refuse military service. - A. Einstein
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> https://lists.gnupg.org/mailman/listinfo/gnupg-users
>