In theory, enabling SSH support on the `gpg-agent` is as simple as passing the `--enable-ssh-support` option to the `gpg-agent`
when initialized. However, this is tricky in Ubuntu (and probably many other Linux systems) because the `gpg-agent` is
constantly relaunched. If we're on a machine we don't want to modify too much (as in disabling the classic `ssh-agent`), this
is even trickier.

Here's how I solved it:
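
* Enable SSH support for the `gpg-agent` every time it starts, by adding the option to its configuration file. While this is a
  system modification, it's a mild one and easy to revert. This is accomplished with the command:

```sh
# Append the option to the agent's config in the home directory (works from any working directory)
echo enable-ssh-support >> ~/.gnupg/gpg-agent.conf
```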

* Then, kill the `gpg-agent` manually. It'll be restarted automatically and pick up the new option:

```sh
# Terminate the running agent; the relaunched one reads the updated gpg-agent.conf
kill $(pgrep gpg-agent)
```

* Finally, have the SSH client point to the `gpg-agent` when looking for keys, instead of the traditional `ssh-agent`. This
  will only affect the current shell, so it won't affect the system beyond that. It's accomplished by rewiring the following
  environment variable:

```sh
# Point ssh at the gpg-agent's SSH socket (quoted so a path containing spaces survives)
export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
```

And that's it! If you have an authentication GPG subkey on a smartcard, you can now use that to connect through SSH.
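
The three steps above as one re-runnable set of shell functions, with a check that the current shell really points at the `gpg-agent` socket. This is an added example, not part of the original paste: the function names are hypothetical, and it assumes `gpgconf --kill`/`--launch` in place of `kill $(pgrep ...)`.

```sh
# Added example, not from the original paste; function names are hypothetical.

# Add enable-ssh-support to the given gpg-agent.conf only when no active
# (uncommented) line already sets it, so re-running never stacks duplicates.
ensure_ssh_support() {
    if [ -f "$1" ] && grep -Eq '^[[:space:]]*enable-ssh-support[[:space:]]*$' "$1"; then
        return 0
    fi
    # If the file's last line lacks a newline, add one first so the option
    # is not glued onto the end of an existing setting.
    if [ -s "$1" ] && [ -n "$(tail -c 1 "$1")" ]; then
        echo >> "$1"
    fi
    printf '%s\n' enable-ssh-support >> "$1"
}

# True only when this shell's SSH_AUTH_SOCK is the expected path ($1) and
# that path is a socket, i.e. ssh will talk to gpg-agent, not ssh-agent.
auth_sock_is() {
    [ -n "${SSH_AUTH_SOCK:-}" ] && [ "$SSH_AUTH_SOCK" = "$1" ] && [ -S "$1" ]
}

# The three steps from the text, for the current shell only.
# Assumption: gpgconf --kill/--launch is used in place of kill $(pgrep ...).
use_gpg_agent_for_ssh() {
    ensure_ssh_support "${GNUPGHOME:-$HOME/.gnupg}/gpg-agent.conf" || return 1
    gpgconf --kill gpg-agent      # stop the agent so it re-reads its config
    gpgconf --launch gpg-agent    # start it again with SSH support enabled
    SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
    export SSH_AUTH_SOCK
    if ! auth_sock_is "$(gpgconf --list-dirs agent-ssh-socket)"; then
        echo "gpg-agent SSH socket missing: $SSH_AUTH_SOCK" >&2
        return 1
    fi
    ssh-add -L    # list the public keys the agent offers (e.g. the card's subkey)
}
```

Source the file and call `use_gpg_agent_for_ssh`; run as a separate script, the `export` would only reach the child process and the calling shell would keep using `ssh-agent`.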