20

I currently have a SSH key that I've used for a while and I'd like to start using GnuPG with a new keyring. However, given that I've used my key for ages, I would like to still use that key in GPG as the main/primary key. I've tried importing the key via these instructions.

But, I end up with what's considered to be a "subkey". Furthermore, if I try to import it without creating a standard GPG key, GPG doesn't even see this subkey. (I'm assuming that the subkey needs to be signed by the main key first.)

How do I use this key as the main key within secring.gpg?

SineSwiper
  • 2,539
  • 3
  • 13
  • 10

4 Answers4

20

The simple answer is: You don't.

SSH keys and GnuPG (actually, OpenPGP) keys are completely different, even though both protocols can use RSA key pairs.

And besides, why would you want to do it? Even if you were to use the same key material to make up your PGP key, you'd still need to distribute your key as a PGP key. You likely haven't been distributing your SSH public key to the people you correspond with, so from a key distribution point of view there is no difference: they will need to receive a public key from you. And even if you have been distributing your SSH public key to other people, they would need to take some additional steps to be able to import it into their OpenPGP implementation, which may or may not be easy.

As kasperd quite righly pointed out, there must be only one way to interpret (particularly) a signature. If you were to use the same key for both PGP and SSH, if someone could trick you into signing a specially crafted message (which is an assumed capability in certain signature system attacks) in one, then even if both systems are secure in isolation it might be possible to craft such a message in a way that has one meaning in one of the systems, but a different meaning in the other. That, in itself, would be a vulnerability. (Exploitable? Who knows. But why take the chance?)

Both PGP and SSH key pairs are long-term keys, which are used to secure ephemeral (message and session) symmetric keys, as well as verify authenticity of a remote party. That makes the PGP or SSH private key a much higher value target for an attacker than the corresponding symmetric key. If you use the same key material for both, and an attacker is able to realize that, it only increases the value of a successful attack on that key pair.

Without having looked at either protocol in detail, I imagine that recognizing that the same key material is being used in both would likely be fairly trivial, since the public key is basically transmitted in the clear.

Just generate a new PGP key. If you want to, then make it RSA and of the same length as your SSH key. (No sane person is going to look much closer at it than verifying the fingerprint anyway.) Then distribute the public key to the people you wish to correspond with, as a PGP key. It will be much easier for everyone, and very likely safer, at the cost of a small amount of entropy from your system's random entropy pool which should be quickly replenished anyway.


If you have multiple keys on your secret keyring and want to specify which one should be used by default, use the default-key and possibly default-recipient{,-self} directives in your ~/.gnupg/gnupg.conf.

user
  • 4,267
  • 4
  • 32
  • 70
  • 1
    I agree with this answer. However there is one more reason not to use the same key material. For security reasons there must be only one way to interpret a signature. Could the same signature be interpreted in two different ways, it would be a vulnerability. Even if both ssh and gpg are secure by themselves, an adversary might trick you into signing a message with one and then take the signature to the other program, where it could have a different meaning. – kasperd Aug 15 '14 at 18:02
  • @kasperd Good point. I amended the answer; how do you feel about it now? – user Aug 15 '14 at 23:34
  • It sounds good. – kasperd Aug 15 '14 at 23:40
  • 3
    I think this answer is not completely accurate: with monkeysphere there is a usecase where you might want existing OpenSSH keys as authentication-only subkeys in your personal OpenPGP key. At least i would like to use it that way. – user134450 Aug 04 '16 at 15:18
  • 1
    These keys are not different at all; their metadata is. – foo Jan 12 '17 at 19:41
6

You can convert a SSH-Key to a OpenPGP key with the tool pem2openpgp from the monkeysphere project. This key can then be imported by gnupg as a regular private/public key pair. As the other answer mentions this is usually not a good idea because ssh has no concept of certificates, so you are effectively adding a capability to an existing key that it could not have had before. This is generally a no-go in cryptography.

I did it anyway with one of my ssh keys but I added the key pair to my other OpenPGP key as a subkey that has only one capability flag: authentication. This flag is meant for situations like this, where you do not want to sign or encrypt anything with a key pair (meaning --encrypt and --sign options for gnupg) but you want to have it in your keybox for authentication with OpenSSH and the gnupg-agent anyway.

For more details see the monkeysphere documentation.

user134450
  • 141
  • 2
  • 3
3

There can be good reasons to convert a regular PKCS-format key for import into gpg.

For example, if you want to put it onto a smart card. The facilities gpg provides with its card-info and card-edit commands are very helpful for this purpose, so why not use it as a tool? The only hurdle one needs to over come is... exactly: importing the key from the standard PKCS#8 format (or "raw" RSA PKCS#1 format) into the gpg key store for further processing.

So - note my objection to the approved answer! :)

An actually helpful answer to this sort of question is found here: https://unix.stackexchange.com/questions/276317/how-can-i-import-a-key-in-pem-format-not-openpgp-into-gpg

foo
  • 131
  • 3
1

Use this on Ubuntu 16.04 or Windows WSL.

sudo apt install -y monkeysphere
cat key.pem | PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "Key <key@example.com>" > key.pgp

Import card. Can be done on Windows or Linux.

gpg --import key.gpg

Move to card

Find the key signature identifier.

gpg --list-key

Move authentication key to card

gpg --edit-key FFFFFFFFFFF
keytocard

Select a number for the authentication slot.

You are done here.

Remember to delete the key from the gpg keychain if you're using a card. Use the key identifier from above.

gpg --delete-secret-key FFFFFFFFFFF

Misc

Not needed but may be useful to get a key in text based pgp format.

gpg -a --export FFFFFF > key.asc
Fire
  • 111
  • 2