Last active
September 11, 2020 09:00
-
-
Save colemickens/0fd5ba0300ca69d17d40119f03b527f8 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## | |
## No local secret keys | |
## | |
$ gpg --list-secret-keys | |
/home/cole/.gnupg/pubring.kbx | |
----------------------------- | |
sec# rsa4096/0x9758078DE5308308 2018-03-21 [C] | |
Key fingerprint = 8A94 ED58 A476 A13A E0D6 E85E 9758 078D E530 8308 | |
uid [ultimate] Cole Mickens <cole.mickens@gmail.com> | |
ssb> rsa4096/0xB475C2955744A019 2018-05-22 [S] | |
ssb> rsa4096/0x62556A61E301DC21 2018-05-22 [E] | |
ssb> rsa4096/0x22A2E663A5416DE5 2018-05-22 [A] | |
# see, only stubs! private keys are on the yubikey | |
## | |
## Determine local and remote paths | |
## | |
$ lpath=$(gpgconf --list-dirs agent-extra-socket) | |
$ rpath=$(ssh cole@192.168.1.155 gpgconf --list-dirs agent-socket) | |
## | |
## Try to decrypt a test file without forwarding gpg-agent socket | |
## | |
$ ssh cole@192.168.1.155 gpg -d /tmp/test.txt.gpg | |
gpg: WARNING: unsafe permissions on homedir '/home/cole/.gnupg' | |
gpg: encrypted with 4096-bit RSA key, ID 0x62556A61E301DC21, created 2018-05-22 | |
"Cole Mickens <cole.mickens@gmail.com>" | |
gpg: public key decryption failed: Inappropriate ioctl for device | |
gpg: decryption failed: No secret key | |
## | |
## Now try again (successfully), with gpg-agent available. | |
## | |
$ ssh -o "RemoteForward $rpath:$lpath" -A cole@192.168.1.155 gpg -d /tmp/test.txt.gpg | |
gpg: WARNING: unsafe permissions on homedir '/home/cole/.gnupg' | |
gpg: encrypted with 4096-bit RSA key, ID 0x62556A61E301DC21, created 2018-05-22 | |
"Cole Mickens <cole.mickens@gmail.com>" | |
this is a test | |
# success | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment