ssh,card: "Use-for-ssh:" (was: OpenPGP.3) keys should be on the list even when card is not available
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	• gniibe
	May 23 2022, 3:35 AM

Description

Currently, upon REQUEST_IDENTITIES, gpg-agent returns keys available on card, and keys listed in .gnupg/sshcontrol.

To have more clear semantics with Prompt field and Use-for-ssh (in future), it's good for OpenPGP.3 keys (as default) to be included always for REQUEST_IDENTITIES, regardless of if it's available on card or not.

Revisions and Commits

rG GnuPG
	rG39422f1d63e2 agent: Don't assume "OPENPGP.3" key means "Use-for-ssh:".
	rG2766b9e56c77 agent,ssh: Fix for make not-inserted OpenPGP.3 keys available for SSH.
	rG193fcc2f7a8c agent,ssh: Make not-inserted OpenPGP.3 keys available for SSH.

Related Objects
Search...

		Status	Assigned	Task
		Resolved	• gniibe	T5984 gpg-agent interaction improvement (smartcard improvement #3)
		Resolved	• gniibe	T5996 ssh,card: "Use-for-ssh:" (was: OpenPGP.3) keys should be on the list even when card is not available

Event Timeline

• gniibe triaged this task as Normal priority.May 23 2022, 3:35 AM

• gniibe created this task.

• gniibe mentioned this in T5984: gpg-agent interaction improvement (smartcard improvement #3).May 23 2022, 3:39 AM

• gniibe added a project: Restricted Project.May 26 2022, 10:19 AM

• gniibe added a commit: rG193fcc2f7a8c: agent,ssh: Make not-inserted OpenPGP.3 keys available for SSH..May 26 2022, 10:20 AM

• gniibe mentioned this in T5985: private-key: Support "Use-for-ssh" flag.May 26 2022, 10:38 AM

• gniibe mentioned this in T5987: card: New field to specify refusing operations when card/token is not available.May 27 2022, 2:47 AM

• werner added a commit: rG2766b9e56c77: agent,ssh: Fix for make not-inserted OpenPGP.3 keys available for SSH..Jun 15 2022, 4:42 PM

Having "Use-for-ssh" flag now, experience shows that including OpenPGP.3 keys by default is not convenient.

Users can add "Use-for-ssh" flag, if they want.

• gniibe renamed this task from ssh,card: OpenPGP.3 keys should be on the list (as default) even when card is not available to ssh,card: "Use-for-ssh:" (was: OpenPGP.3) keys should be on the list even when card is not available.Jun 28 2022, 3:22 AM

• gniibe added a commit: rG39422f1d63e2: agent: Don't assume "OPENPGP.3" key means "Use-for-ssh:"..Jun 28 2022, 3:27 AM

• gniibe closed this task as Resolved.Jun 28 2022, 3:29 AM

• gniibe removed a project: Restricted Project.

• werner mentioned this in T5947: Release GnuPG 2.3.7.Jul 26 2022, 7:40 PM

Jakuje mentioned this in T6212: The ssh keys are no longer returned in the order from control file after T5996.Sep 19 2022, 3:12 PM

• werner mentioned this in T6454: Release GnuPG 2.4.1.Apr 28 2023, 2:45 PM

ssh,card: "Use-for-ssh:" (was: OpenPGP.3) keys should be on the list even when card is not availableClosed, ResolvedPublicActions

Description

Revisions and Commits

Related ObjectsSearch...

Event Timeline

ssh,card: "Use-for-ssh:" (was: OpenPGP.3) keys should be on the list even when card is not available
Closed, ResolvedPublic
Actions

Related Objects
Search...