Cannot export SSH public key
Felix E. Klee
felix.klee at inka.de
Wed Nov 22 12:39:30 CET 2023
On Tue, Nov 21, 2023 at 12:38 AM Ingo Klöcker <kloecker at kde.org> wrote:
> $ gpg --export-ssh-key 1B6ED589
Thanks, this worked! I then added the key on the remote system to:
~/.ssh/authorized_keys
However, I could not log in. SSH reports:
Permission denied (publickey).
I then tried exporting the key using `ssh-add`:
ssh-add -L >~/.ssh/id_rsa.pub
If I add this key to `authorized_keys`, I can log in, after unlocking my
Yubikey with a PIN. Great! Or not, read on.
Now it gets a bit weird: Apparently the key exported by `ssh-add` is not
tied to my authentication key! I noticed this because I replaced the
authentication key. They key exported by `ssh-add` did not change. I can
still log in using that key. So I assume that key is based on the my
signature key `1B6ED589`:
$ gpg --list-keys --keyid-format SHORT yubikey at f76.eu
pub rsa4096/1B6ED589 2023-06-29 [SC]
7A0FE73DDB744F0F97341DA71BE349D11B6ED589
uid [ultimate] Felix E. Klee (YubiKey) <yubikey at f76.eu>
sub rsa4096/D2E31736 2023-06-29 [E]
sub rsa4096/877CC64B 2023-11-22 [A]
Should I better use the authentication key exported by GPG for SSH? But
how to make that work?
More information about the Gnupg-users
mailing list