Using PGP keys for SSH

Solution 1:

There are several ways, which may or may not work:

  • MonkeySphere
  • openssh-gpg, a patch for OpenSSH
  • SSH.com has built-in support
  • gpg2 on Debian comes with a gpgkey2ssh tool, and gpg-agent can act as a ssh agent too, but I couldn't figure out how to actually make ssh use the key for authentication.

Solution 2:

SSH2 Version 2.0.13 introduced support for PGP authentication.

excerpt from SSH The Secure Shell

Solution 3:

With the information from the answers on this question and the help of the gnupg-users mailinglist I was able to figure out how to use my GPG key for SSH authentication. There are a few possible methods to do this.

I have written a blogpost about some possible solutions: http://budts.be/weblog/2012/08/ssh-authentication-with-your-pgp-key

To summarize: Either you use GnuPG 2.1, which is currently in beta. When using this version, you can simply start gpg-agent with the --enable-ssh-support option and add the keygrip for you GPG key (or subkey) into ~/.gnupg/sshcontrol.

When you are using the current stable GnuPG version (2.0.x) you can use monkeysphere to add your key to gpg-agent (again, after starting gpg-agent with the --enable-ssh-support option).

It is also possible to use GNOME keyring (or even the regular ssh-agent) with the help of monkeysphere. The only problem in this case is that you will have to re-add your key when logging on again (into Gnome or XFCE). To solve this you can manually export your key and convert it.

Solution 4:

This document shows how to do it on the SSH.com client; I am not sure that it works on OpenSSH but it might be worth a shot.