Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
How to extract your private ssh key from gpg-agent

How to extract a SSH private key from gpg-agent

Problem: Lost private key file ~/.ssh/id_rsa, but could connect to remote hosts via pubkey auth anyway: gpg-agent cached the private key. How to get the private key?

Solution: Use gpg-protect-tool to get the key (you need to know the passphrase of course):

gpgsm --call-protect-tool --p12-export ~/.gnupg/private-keys-v1.d/your-keyfile.key >key.p12

Now you have a PKCS12 file and you can extract the private key like this:

openssl pkcs12 -in key.p12 -out privkey.pem

And there is your extracted private key.


This comment has been minimized.

Copy link

rafasc commented Mar 22, 2018

is there an updated method to do this? --p12-export is no longer supported.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.