1AGENT-TRANSFER(1) User Commands AGENT-TRANSFER(1)
2
3
4
6 agent-transfer - copy a secret key from gpg-agent to ssh-agent
7
8
10 agent-transfer [options] KEYGRIP [COMMENT]
11
12
14 agent-transfer extracts a secret key from a modern version of GnuPG
15 agent and sends it to the running SSH agent. This is useful for people
16 whose keys are managed in the long-term by GnuPG's gpg-agent, but who
17 prefer the semantics of OpenSSH's ssh-agent for regular use.
18
19 agent-transfer was written as part of the monkeysphere project.
20
21 The KEYGRIP should be specified as a sequence of 20 hexadecimal charac‐
22 ters. If you aren't sure of the keygrip, you can inspect the output
23 of:
24
25 gpg --with-keygrip --list-secret-keys
26
27 The COMMENT is optional, and will be stored alongside the key in ssh-
28 agent. It must not start with a -, to avoid being mistaken for an
29 option.
30
31
33 agent-transfer also accepts options that would normally be passed to
34 ssh-add(1) to constrain the use of the transferred key:
35
36
37 -c Indicates that added identities should be subject to confirma‐
38 tion before being used for authentication.
39
40
41 -t SECONDS
42 Indicates that the key should have a lifetime of SECONDS in the
43 running ssh-agent.
44
45
47 ~/.gnupg/S.gpg-agent
48 The socket where gpg-agent is listening. This is the "standard
49 socket" for modern GnuPG.
50
51
53 GNUPGHOME
54 The GnuPG home directory, where the standard socket for
55 gpg-agent lives. If this is not set, it is assumed to be
56 ~/.gnupg.
57
58
59 SSH_AUTH_SOCK
60 Specifies the location where the running ssh-agent is present.
61
62
63
64 Several other environment variables are also passed in some form to the
65 gpg-agent to help it figure out how to run a sensible pinentry, includ‐
66 ing GPG_TTY, TERM, DISPLAY, XAUTHORITY, GTK_IM_MODULE, DBUS_SES‐
67 SION_BUS_ADDRESS, and LANG.
68
69
71 agent-transfer can only work with RSA and Ed25519 keys. Support for
72 other key types not yet implemented. Patches welcome!
73
74
76 Written by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
77
78
80 monkeysphere(7), ssh(1), ssh-add(1), ssh-agent(1), gpg(1) gpg-agent(1),
81
82
83
84monkeysphere Jan 2019 AGENT-TRANSFER(1)