Differences

This shows you the differences between two versions of the page.

sw:gpg:forwarding [2022/10/06 10:25] – created niziaksw:gpg:forwarding [2022/10/06 10:57] niziak
Line 3: Line 3:
 Search tags: ''pgp'' ''gpg'' ''remote'' ''gpg-agent'' ''gpg-agent forwarding''. Search tags: ''pgp'' ''gpg'' ''remote'' ''gpg-agent'' ''gpg-agent forwarding''.
  
-Source: [[https://mlohr.com/gpg-agent-forwarding/|GPG Agent Forwarding by Matthias Lohr]]+Source: 
 +  * [[https://mlohr.com/gpg-agent-forwarding/|GPG Agent Forwarding by Matthias Lohr]] 
 +  * [[https://wiki.gnupg.org/AgentForwarding|Forwarding gpg-agent to a remote system over SSH]]
  
 ===== local machine ===== ===== local machine =====
 +
 +Ensure ''gpg-agent'' is running:
 +<file bash ~/.bashrc>
 +# Launch gpg-agent if not started
 +export GPG_TTY="$(tty)"
 +gpgconf --launch gpg-agent
 +</file>
  
 Public and secret key must be present on local machine Public and secret key must be present on local machine
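Review bot: The added `~/.bashrc` block under "local machine" does not say that it belongs only in the local account's file. If the same lines also run on the remote host in a session without forwarding, `gpgconf --launch gpg-agent` starts an agent there, and that agent owns the socket path a later forwarded session has to bind. Suggest adding one sentence that the snippet is for the local machine only, or guarding the launch line so it is skipped when `SSH_CONNECTION` is set. Also, `export GPG_TTY="$(tty)"` is only meaningful in an interactive shell, so a short comment saying so would help anyone who copies it into a script.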
Line 32: Line 41:
 ===== remote machine ===== ===== remote machine =====
  
-Public key must be imported on remote machine+Public key must be imported on remote machine
 <code bash> <code bash>
 gpg --import usert@example.com-public.asc gpg --import usert@example.com-public.asc
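Review bot: The context line `gpg --import usert@example.com-public.asc` appears to carry a typo in the address (`usert@`); if the export step in the local section writes `user@example.com-public.asc`, the file name here should match, and this paragraph is being touched anyway. The section also has no step for confirming that the imported key is the intended one; suggest adding a fingerprint comparison, for example running `gpg --fingerprint` on both machines and checking that the values agree.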
Line 40: Line 50:
 gpg:               imported: 1 gpg:               imported: 1
 </code> </code>
 +
 +
 +Modify ssh server configuration to enable automatic removal of stale sockets when connecting to the remote machine:
 +<file config /etc/ssh/sshd_config>
 +StreamLocalBindUnlink yes
 +</file>
 +
 +and restart sshd: <code bash>systemctl restart ssh</code>
 +
 +
 +===== usage =====
 +
 +On remote machine:
 +<code bash>
 +gpg --list-secret-keys
 +</code>
 +
 +Sign message:
 +<code bash>
 +echo TEXT | gpg -s
 +</code>
 +
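Review bot: The prose says "restart sshd" but the command is `systemctl restart ssh`; that unit name is distribution-specific, so the line should name the distribution it applies to or mention `sshd` as the alternative. Since this edits `/etc/ssh/sshd_config` on a machine that is reached over SSH, suggest adding `sshd -t` before the restart so a syntax error is caught while the current session is still open, and noting that both commands need root. In the usage section, `echo TEXT | gpg -s` writes a binary signature to the terminal; `gpg --clearsign` would give readable output, and a sentence on what `gpg --list-secret-keys` is expected to show on the remote machine would tell the reader whether the forwarding works.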