What are the security implications of using GPG instead of SSH keys for authentication

Question

I want to use a GPG key instead of an SSH key. Looking online I found several guides on how to do it. But these guides are about using GPG for convenience. I instead want to know the pros and cons from the security perspective.

Firstly looking at the archlinux wiki:

gpg-agent has OpenSSH agent emulation. If you already use the GnuPG suite, you might consider using its agent to also cache your SSH keys. Additionally, some users may prefer the PIN entry dialog GnuPG agent provides as part of its passphrase management.

I see this post talking about why we should use gpg to sign commits for git. Looking around, I see several guides on how to use GPG keys for SSH access.

In addition, there is apparent reason for people to to have GPG and SSH keys to be interchangeable since GPG has specifically made a command for it.

See here for GPG post on exporting ssh keys command.

See here here for StackExchange post on interchanging ssh and gpg keys.

Answer 1

In terms of cryptography, there are no differences between using your PGP Auth key and using a standalone SSH key:

• both GnuPG and OpenSSH provide agents that can cache credentials
• both PGP and SSH keys can be stored on hardware tokens, therefore providing a "something you have" MFA factor

The reason some setups prefer to use PGP keys mostly comes down to key management. In a scenario where your PGP key is already used for signing git commits, it makes perfect sense to also have your SSH Key be part of your PGP keyring. This way there is only one key someone has to track, and there are established protocols for key revocation and expiry. It is also easy to put both your Signature and Authentication PGP subkeys onto the same hardware token (like a Yubikey or Nitrokey), which makes it easy to only need a single removable device for all authentication needs.

With recent changes to git, the opposite is true as well -- if SSH keys are issued by a certified authority, it is now possible to sign git objects using ssh keys.

So, it basically comes down to key management convenience. If you do not have a central authority managing or keeping track of your keys, it makes no difference whether you use a dedicated SSH key or a PGP Auth key with SSH.