>> >> I think I vaguely remember Monkeysphere supporting it. > > fwiw, monkeysphere doesn't explicitly support exporting OpenPGP secret > key material to arbitrary formats. >
Ok, I have done it using "openpgp2ssh" from monkeysphere (I just installed 0.39 just to get that tool). The key has to be extracted and its password removed before it can be used with openpgp2ssh, hence my use of a temporary homedir in the below. Here is what I have done: First the public key: $ ssh-add -L > alice.key.pub or $ gpg --export alice | openpgp2ssh DD53AC86 > alice.key.pub where DD53AC86 is the id of the autentication subkey. Next the secret key: $ gpg --export-secret-key alice > alice.gpg $ mkdir -m 700 .gnupg-temp $ gpg --homedir .gnupg-temp --import alice.gpg $ gpg --homedir .gnupg-temp --passwd alice (remove the passwords) $ gpg --homedir .gnupg-temp --export-secret-key alice | \ openpgp2ssh DD53AC86 > alice.key $ chmod 600 alice.key With the above, I successfully connect to a remote (after putting alice.key.pub in its authorized_keys file): $ ssh -i alice.key some_host However, I note that the the agent complains with: > sign_and_send_pubkey: signing failed: agent refused operation so I unset the SSH_AUTH_SOCK after which the ssh command worked. I might have done something else wrong because I would not expect to have to do that. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users