How to export private ed25519 subkey to the SSH format

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

How to export private ed25519 subkey to the SSH format

zdm@softvisio.net
Hi,

I want to use gpg as my primary keyring to store all keys.

But sometimes I need to get private key in SSH format to use directly
with SSH.

For example - deployment keys, to access private projects on github via
git from docker containers.

Is it currently possible to get private key in SSH format?



_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Reply | Threaded
Open this post in threaded view
|

Re: How to export private ed25519 subkey to the SSH format

Jon Gorrono
It's in a bunch of linux repo's and also brew...


On Sun, Apr 30, 2017 at 4:15 AM, [hidden email] <[hidden email]> wrote:
Hi,

I want to use gpg as my primary keyring to store all keys.

But sometimes I need to get private key in SSH format to use directly
with SSH.

For example - deployment keys, to access private projects on github via
git from docker containers.

Is it currently possible to get private key in SSH format?



_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users



--

Jon Gorrono
PGP Key:
0x5434509D -
*** KEY REVOKED *** - http{pgp.mit.edu:11371/pks/lookup?search=0x5434509D&op=index}
New key (signed by revoked key): 0xEFE6A913 - http{pgp.mit.edu:11371/pks/lookup?search=0xEFE6A913&op=index}

_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Reply | Threaded
Open this post in threaded view
|

Re: How to export private ed25519 subkey to the SSH format

Daniel Kahn Gillmor-7
On Sun 2017-04-30 17:18:11 -0700, Jon Gorrono wrote:
> I've used Monkeysphere's openpgp2ssh tool
>
> https://incenp.org/notes/2014/gnupg-for-ssh-authentication.html
>
> It's in a bunch of linux repo's and also brew...

I don't think that monkeysphere's openpgp2ssh tool handles ed25519 at
the moment (i'm part of monkeysphere upstream).  It'd be great if it
did!

        --dkg

_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Reply | Threaded
Open this post in threaded view
|

Re: How to export private ed25519 subkey to the SSH format

Samir Nassar
In reply to this post by Jon Gorrono
On Monday, May 1, 2017 2:18:11 AM CEST Jon Gorrono wrote:
> https://incenp.org/notes/2014/gnupg-for-ssh-authentication.html

The author has an updated version covering GnuPG 2.1 :

https://incenp.org/notes/2015/gnupg-for-ssh-authentication.html

I tried it out and it works really well and GnuPG has made it very easy to do:

$ gpg -K
~/.gnupg/pubring.kbx
--------------------------------

sec   ed25519 2017-04-16 [SC] [expires: 2019-04-16]
      DEADBEEFDEAFBIN5A000000000000BADB0B1337
uid           [ultimate] Samir Nassar
ssb   cv25519 2017-04-16 [E] [expires: 2020-04-16]
ssb   ed25519 2017-04-16 [A] [expires: 2020-04-16]

I control my gpg-agent with a systemd user service and that is pretty nice
too.

Samir Nassar



_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: How to export private ed25519 subkey to the SSH format

Jon Gorrono
oh, nice... thanks

no monkey(sphere) business anymore

On Tue, May 2, 2017 at 12:46 PM, Samir Nassar <[hidden email]> wrote:
On Monday, May 1, 2017 2:18:11 AM CEST Jon Gorrono wrote:
> https://incenp.org/notes/2014/gnupg-for-ssh-authentication.html

The author has an updated version covering GnuPG 2.1 :

https://incenp.org/notes/2015/gnupg-for-ssh-authentication.html

I tried it out and it works really well and GnuPG has made it very easy to do:

$ gpg -K
~/.gnupg/pubring.kbx
--------------------------------

sec   ed25519 2017-04-16 [SC] [expires: 2019-04-16]
      DEADBEEFDEAFBIN5A000000000000BADB0B1337
uid           [ultimate] Samir Nassar
ssb   cv25519 2017-04-16 [E] [expires: 2020-04-16]
ssb   ed25519 2017-04-16 [A] [expires: 2020-04-16]

I control my gpg-agent with a systemd user service and that is pretty nice
too.

Samir Nassar



_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users




--

Jon Gorrono
PGP Key:
0x5434509D -
*** KEY REVOKED *** - http{pgp.mit.edu:11371/pks/lookup?search=0x5434509D&op=index}
New key (signed by revoked key): 0xEFE6A913 - http{pgp.mit.edu:11371/pks/lookup?search=0xEFE6A913&op=index}

_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users