不能使用gpg-agent作为ssh代理

Question

我一直在尝试让gpg-agent作为ssh代理工作，但没有运气。我正在运行Linux Mint（Sarah）的KDE版本。

首先，我在/etc/X11/Xsession.options中禁用了内置的ssh代理：

# $Id: Xsession.options 189 2005-06-11 00:04:27Z branden $
#
# configuration options for /etc/X11/Xsession
# See Xsession.options(5) for an explanation of the available options.
allow-failsafe
allow-user-resources
allow-user-xsession
#use-ssh-agent
use-session-dbus

然后，我在gpg-agent中启用了ssh-agent支持：

> $ cat ~/.gnupg/gpg-agent.conf                                                                                                                            
enable-ssh-support

此时我重启了我的电脑，并检查了我的环境变量：

> $ echo $GPG_AGENT_INFO                                                                                                                                   
/home/jeroen/.gnupg/S.gpg-agent:0:1

> $ echo $SSH_AUTH_SOCK                                                                                                                                    
/home/jeroen/.gnupg/S.gpg-agent.ssh

只是为了确保没有其他代理正在运行：

> $ ps aux | grep agent                                                                                                                                    
jeroen    5072  0.0  0.0 282604   764 ?        Ss   Nov24   0:15 /usr/bin/gpg-agent --daemon
jeroen    5265  0.0  0.1 697044 29032 ?        Sl   Nov24   0:01 /usr/lib/x86_64-linux-gnu/libexec/polkit-kde-authentication-agent-1
jeroen    9574  0.0  0.0 130292  1016 pts/6    S+   12:15   0:00 grep --color=auto --exclude-dir=.bzr --exclude-dir=CVS --exclude-dir=.git --exclude-dir=.hg --exclude-dir=.svn agent

到目前为止，一切看起来都不错。那么让我们来看看我的gpg键：

pub   rsa2048/03AB1CB5 2015-06-12 [SC]
uid         [ultimate] Jeroen Jacobs <jeroen.jacobs@REDACTED.be>
uid         [ultimate] Jeroen Jacobs <jeroen.jacobs@REDACTED.be>
sub   rsa2048/014F9774 2015-06-12 [E]
sub   rsa2048/0FEF1A6F 2017-11-23 [A]

如您所见，存在身份验证子项。确定gpg-agent会选择这个，对吗？

ssh-add -l                                                                                                                                             
The agent has no identities.

嗯，它没有...已经重新启动了我的电脑，但没有什么区别。我几乎阅读了关于这个主题的任何教程，我想我已经完成了本书的所有内容，但我无法让它发挥作用。

万一你需要它，gpg2和gpg-agent的版本：

> $ gpg2 --version                                                                                                                                         
gpg (GnuPG) 2.1.11
libgcrypt 1.6.5
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

> $ gpg-agent --version                                                                                                                                    
gpg-agent (GnuPG) 2.1.11
libgcrypt 1.6.5
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Answer 1

Append the keygrip您的身份验证子密钥到~/.gnupg/sshcontrol文件。

gpg -K --with-keygrip是使用其keygrips列出所有密钥的命令。