[Gnuk-users] Ed25519 SSH key not working for gnupg > 2.1.6
NIIBE Yutaka
gniibe at fsij.org
Fri May 6 11:47:17 UTC 2016
On 05/06/2016 08:10 PM, Jonathan Schleifer wrote:
> I might have been a little unclear here: I have an Ed25519
> authentication key on my Gnuk that I want to use for SSH. This worked
> fine until GnuPG 2.1.6; for any later version, it fails, giving me the
> "Permission denied (publickey)." error. When then using ssh-add -L to
> list all keys the agent knows about, I get the error mentioned in the
> mail before.
Thank you. Now I understand. From your previous mail, I misunderstood
that "ssh-add" was adding an external key to the agent (not listing).
> That's interesting. I actually get OPENPGP.1, OPENPGP.2 and OPENPGP.3
> twice, each of them. But they all share the last component.
>
> Is this maybe because I used a different key with my Gnuk before?
I think so. You use a token with different keys.
> Since the above mentioned problem, I went ahead and did
>
> $ cd ~/.gnupg/private-keys-v1.d
> $ rm $(fgrep -l shadowed-private)
>
> This still leaves two keys for me, but
>
> $ gpg --list-secret-keys
>
> shows nothing. Weird.
Umm... I have no idea.
> I got those indeed, but it does not help at all:
>
> $ SSH_AUTH_SOCK=~/.gnupg/S.gpg-agent.ssh ssh-add -L
> error fetching identities for protocol 1: agent refused operation
> error fetching identities for protocol 2: invalid format
> The agent has no identities.
What's your SSH? For me, it supports ssh-ed25519.
-------------------
$ ssh -Q key
ssh-ed25519 <-------- This is it.
ssh-ed25519-cert-v01@openssh.com
ssh-rsa
ssh-dss
ecdsa-sha2-nistp256
ecdsa-sha2-nistp384
ecdsa-sha2-nistp521
ssh-rsa-cert-v01@openssh.com
ssh-dss-cert-v01@openssh.com
ecdsa-sha2-nistp256-cert-v01@openssh.com
ecdsa-sha2-nistp384-cert-v01@openssh.com
ecdsa-sha2-nistp521-cert-v01@openssh.com
ssh-rsa-cert-v00@openssh.com
ssh-dss-cert-v00@openssh.com
--