- Install gnupg for Windows from gnupg.org (NOT GP4Win, the regular one).
- Plug in your Yubikey, and run
gpg --card-status
, and make sure it emits some useful output about the card.
We need WSL1 to act as the network proxy between the Windows TCP litening assuan socket, which is only on localhost, and a tcp socket listening on a host port that we can access from WSL2.
- Open any WSL1 distro, you'll need
socat
(sudo apt install socat
). - Stick both the above scripts in the same director. Make sure that all other instances of those scripts are dead.
-
If you get a prompt to permit access to socat from public networks, or any network, just say NO. You don't want randoms accessing this socket from your local network.
$ bash assuan.sh /mnt/c/Users/Michael/AppData/Local/gnupg/S.gpg-agent:62192:S.gpg-agent /mnt/c/Users/Michael/AppData/Local/gnupg/S.gpg-agent.browser:62194:S.gpg-agent.browser /mnt/c/Users/Michael/AppData/Local/gnupg/S.gpg-agent.extra:62193:S.gpg-agent.extra /mnt/c/Users/Michael/AppData/Local/gnupg/S.gpg-agent.ssh:62195:S.gpg-agent.ssh /mnt/c/Users/Michael/AppData/Local/gnupg/S.scdaemon:62197:S.scdaemon\ $ gpg --card-status gpg: WARNING: unsafe permissions on homedir '/home/Michael/.gnupg' gpg: keybox '/home/Michael/.gnupg/pubring.kbx' created Reader ...........: Yubico YubiKey OTP FIDO CCID 0 Application ID ...: <snip> Application type .: OpenPGP Version ..........: 0.0 Manufacturer .....: Yubico Serial number ....: <snip> Name of cardholder: <snip> Language prefs ...: en Salutation .......: <snip> URL of public key : [not set] Login data .......: [not set] Signature PIN ....: not forced Key attributes ...: ed25519 cv25519 ed25519 Max. PIN lengths .: 127 127 127 PIN retry counter : 3 3 3 Signature counter : 1400 KDF setting ......: off Signature key ....: <snip> created ....: <snip> Encryption key....: <snip> created ....: <snip> Authentication key: <snip> created ....: <snip> General key info..: [none]
-
Do the exact same as WSL1, the script will auto-detect and use a local interface address.