1
1
Last year I created an 4096 bit RSA key pair with GPG / Enigmail in Thunderbird. Enigmail lists me a primary key used to sign and authenticate e-mails, and a subkey used to encrypt e-mails. I exported the key pair to an .asc file.
Now I wanted to use these keys for a SSH connection and exported the keys like this:
gpg2 --armor --export-secret-keys [key] > sec_key.txt
ssh-add sec_key.txt
When ssh-add asks me for a passphrase, I enter the right one (that works in Enigmail) but it is rejected:
Bad passphrase, try again
Using the public key (exported with --export) leads to the same error, as well as using the subkey. "ssh -v -i sec_key.txt localhost" gives this error:
key_parse_private_pem: PEM_read_PrivateKey failed
But the passphrase must be correct because I'm able to change the passphrase with GPG:
gpg --edit-key [key]
I also tried to remove the passphrase completely but then I cannot log into ssh. "ssh-add sec_key.txt" then gives no output but returns 1.
What can I do to use this keys for ssh connections?
1
You cannot use a PGP key directly with SSH; see How do SSH keys differ from keys used for other purposes? for details on differences and Are GPG and SSH keys interchangable? for how to make it work.
– user1686 – 2013-04-02T17:08:03.437Thanks, I will give that a try. :) How can I upvote your answer? Or should I remove the question because it is a near duplicate? – jellysheep – 2013-04-02T17:54:19.987
It will be closed as a duplicate after at least 5 people vote so. (What I posted isn't an "answer" technically, but only a comment.) – user1686 – 2013-04-02T18:41:13.703