On 3/15/2019 11:28 PM, Brian Exelbierd wrote: > Hi, > > I would like to eliminate my SSH keys and consolidate my existing keys into > my gpg key. I can do this by either importing my existing keys (easier) or > creating new authentication subkeys. > > Either way, I am unsure how to identify which subkey is which SSH key. I > created a test key, below, with two authentication subkeys. I can't tell > which subkey matches each key. How do you know? Without this knowledge it > is hard to know which key goes with which server and which key is safe to > delete later. > > Any advice? Thank you. > > regards, > > bex > > --- > > # gpg2 -K --with-keygrip > /root/.gnupg/pubring.kbx > ------------------------ > sec rsa2048 2019-03-15 [SC] [expires: 2021-03-14] > 84B9177ECD98386DACDA102DF80B5DDF8D55076A > Keygrip = 13C8D80A6B3A5A7CC4095A254A07AFC9F287CF16 > uid [ultimate] keyname > ssb rsa2048 2019-03-15 [E] [expires: 2021-03-14] > Keygrip = 26FD3D7D54BEE12111354B9E968C23EEDC445A4E > ssb rsa2048 2019-03-15 [A] > Keygrip = A04EA628443B5C1C60411C15E1EC35C21186D405 > ssb rsa2048 2019-03-15 [A] > Keygrip = 45F02D545B6B6ADC32FCB7BC64B943F23B35D3FF > > # ssh-add -l > 2048 SHA256:T/SZUtqVEzoo4c4rmh5e4jrnCd5ewGNj1Nrsg3VYbCE (none) (RSA) > 2048 SHA256:+Qbn7T5rQms4+bBfzc7D68H2TynS/8gyT0pjrMOaiQA (none) (RSA) > > # ssh-add -L > ssh-rsa > AAAAB3NzaC1yc2EAAAADAQABAAABAQC8vnk7hPdP9tWdw8DUV8rOYDTAlhbvSWPuEUwr0FdaveJoJtgYhceKVoyFnOYZnZ8QP0nAytHGeSAHkL/9Vw0Whyouu94awwoEERdkIzvl/KVRU3n0dBabbjbqlY6Dz+4zjIUo/KbyZ9PZHohCVQs/DzFUqnLsPoHzVVDBPvMHFkf0t2qSe0Pv2I7vLmI1UVBFMspjy80kmoijheFAmXebCGC3uzr23BKqzqfj2/HYv/DJAQufGiHsH+/I855U8Dckd4TQmHS4aRsIY0px1HA4of9nIiWWifvqxwshax2VSdJucJi1RB6YbSxbTIbjnl0YJbbIajV8xJjyloaOofph > (none) > ssh-rsa > AAAAB3NzaC1yc2EAAAADAQABAAABAQCnrIe/fe6i6AMA+evGzz3Gc56rSH5D3cJ9R/cMta2jHjtNlZZD/uJNdbuALsI4elB5m0Yxsbiz0j3UG2L/2nHfjD73oPQkwFIacvtkZT/hpp/BWPFDWQnGaWeWdFfsxlzu6gOMsfYJQDxNIPRjLbYkcIOL3Xw5EIFlS2xEr+/ZGsD2uNnReXj5XZnXh6FrxcX7vhnKpHHsVzDZG+xRs+xhErhiini8J1REZaQzZnVftD/WZGbAU8f3LSDfSCFQVxRTibXW5JMd6JfFe1zZXST+JfAEqg5LhucpzsQAbYWtNiqZ5McerI1HYPjYNUqoYhGzXsWvEuvPp3qugVjH3ZI5 > (none) >
My understanding is that one subkey is to be used for authentication . -- John Doe _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
