Page MenuHome GnuPG

jwilson (James Wilson)
User

Projects

User does not belong to any projects.

User Details

User Since
Mar 27 2017, 4:48 PM (403 w, 4 d)
Availability
Available

Recent Activity

May 24 2015

jwilson added a comment to T1983: gpg2 prefers missing secret key to available key on card.

I removed the stub keys for the last two, that is why they are listed as "ssb#"
instead of "ssb>".

If the expected behavior is newest key is always preferred, than that's fine and
easy to work around with default-key, although it would be nice to exclude
unusable keys.

May 24 2015, 2:47 AM · Bug Report, gnupg

May 13 2015

jwilson set Version to 2.1.4 on T1983: gpg2 prefers missing secret key to available key on card.
May 13 2015, 8:48 PM · Bug Report, gnupg
jwilson added projects to T1983: gpg2 prefers missing secret key to available key on card: gnupg, Bug Report.
May 13 2015, 8:48 PM · Bug Report, gnupg

Nov 17 2014

jwilson added a comment to T1756: gpg-agent doesn't accept ssh certificates.

ssh-add only looks for private key information. If there is a id_rsa-cert.pub file it
will add the certificate, but one cannot add a certificate alone.

There are a couple of problems:

  1. gpg-agent doesn't recognize the cert type (ssh-rsa-cert-v01@openssh.com, etc.) so if

it is added via agent forwarding it fails.

  1. If the private key is on a card, then there is no private key file for ssh-add to

use. Some cards allow certificates to be stored on the card, and it looks from the
source to scdaemon that there is a way to read it and return it to the agent.

I could give this a try: in the case of #2, do you think it would be a reasonable
addition to gpg-agent's protocol to look for ~/.ssh/id_{rsa,dsa,ecdsa}-cert.pub when
handling a card-based private key? The cert is public info so only better portability
is gained by storing it on the card.

Nov 17 2014, 6:22 PM · gnupg, Feature Request

Nov 11 2014

jwilson added projects to T1756: gpg-agent doesn't accept ssh certificates: Feature Request, gnupg.
Nov 11 2014, 6:05 AM · gnupg, Feature Request
jwilson set Version to 2.1 on T1756: gpg-agent doesn't accept ssh certificates.
Nov 11 2014, 6:05 AM · gnupg, Feature Request