update email
This commit is contained in:
49
data/gpg-ssh.md
Normal file
49
data/gpg-ssh.md
Normal file
@@ -0,0 +1,49 @@
|
||||
<!--
|
||||
Source:
|
||||
https://ryanlue.com/posts/2017-06-29-gpg-for-ssh-auth
|
||||
-->
|
||||
|
||||
Install `gnupg`.
|
||||
|
||||
Generate a new gpg key just for authentication:
|
||||
|
||||
> gpg2 --expert --edit-key 024C6B1C84449BD1CB4DF7A152295D2377F4D70F
|
||||
|
||||
Toggle options `S`, `E`, and `A` until the following output:
|
||||
|
||||
```
|
||||
Current allowed actions: Authenticate
|
||||
```
|
||||
|
||||
Add ssh to the gpg key agent.
|
||||
|
||||
> echo enable-ssh-support >> ~/.gnupg/gpg-agent.conf
|
||||
|
||||
This won't take effect until you restart the gpg agent, so kill it:
|
||||
|
||||
> gpgconf --kill gpg-agent
|
||||
|
||||
> gpgconf --launch gpg-agent
|
||||
|
||||
Use 2048 (or whatever) bits, save, and exit.
|
||||
|
||||
Add this to your `~/.bash_profile`:
|
||||
|
||||
```
|
||||
export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
|
||||
```
|
||||
|
||||
> source ~/.bash_profile
|
||||
|
||||
Find the ssh key's keygrip with:
|
||||
|
||||
> gpg -k --with-keygrip
|
||||
|
||||
It's the one with `[A]` next to it.
|
||||
Add it to `~/.gnupg/sshcontrol`.
|
||||
|
||||
> echo 1P0P6SA7S07Q8198414P126OR0514R3R8Q1389SP > ~/.gnupg/sshcontrol
|
||||
|
||||
Confirm it's added:
|
||||
|
||||
> ssh-add -l
|
||||
Reference in New Issue
Block a user