How to forward GPG to a linux machine from Windows?
Here is my set up:
- Windows 10 machine, my desktop PC.
- Ubuntu 18 machine, this is my home server
- Yubikey, has my private GPG keys on it
My work flow is as follows:
- Plug in my Yubikey into USB port on my Windows 10 machine.
- From my Windows 10 machine, SSH into my Ubuntu machine using Putty.
- On the Ubuntu machine through Putty, use Git to commit some changes to a repository cloned on the ubuntu machine.
- Need to sign those commits on the ubuntu machine using the private keys located on my Yubikey, which is plugged into my Windows 10 machine.
I can sign commits on my Windows 10 machine directly, because I launch gpg-agent using Gpg4Win, and it detects my USB key and prompts me to enter the PIN before I sign/encrypt anything. I want the same thing to happen when I try to sign commits in Git on the Ubuntu machine. So in a way, I'd like the existing SSH connection between my Ubuntu and Windows machine to serve as a proxy to the gpg-agent on my Windows machine, so that encryption happens on my Windows machine when invoked from Ubuntu.
I'm not sure if this is possible. The GPG agent forwarding help I find online seems to be the reverse of this: A host machine delegating encryption to a remote machine. But this is not what I'm doing, since I do not plug the yubikey into my Ubuntu server machine.
To further complicate this, these are not 2 linux machines interacting but a Windows and Linux machine. So I'm not sure if Gpg4Win being in the mix makes this harder or even impossible.
How can I sign git commits on the Ubuntu machine, using the private keys available on the Windows machine?
ubuntu ssh windows gpg gpg-agent
asked Feb 3 at 19:48
void.pointervoid.pointer
140111
add a comment |
Here is my set up:
- Windows 10 machine, my desktop PC.
- Ubuntu 18 machine, this is my home server
- Yubikey, has my private GPG keys on it
My work flow is as follows:
- Plug in my Yubikey into USB port on my Windows 10 machine.
- From my Windows 10 machine, SSH into my Ubuntu machine using Putty.
- On the Ubuntu machine through Putty, use Git to commit some changes to a repository cloned on the ubuntu machine.
- Need to sign those commits on the ubuntu machine using the private keys located on my Yubikey, which is plugged into my Windows 10 machine.
I can sign commits on my Windows 10 machine directly, because I launch gpg-agent using Gpg4Win, and it detects my USB key and prompts me to enter the PIN before I sign/encrypt anything. I want the same thing to happen when I try to sign commits in Git on the Ubuntu machine. So in a way, I'd like the existing SSH connection between my Ubuntu and Windows machine to serve as a proxy to the gpg-agent on my Windows machine, so that encryption happens on my Windows machine when invoked from Ubuntu.
I'm not sure if this is possible. The GPG agent forwarding help I find online seems to be the reverse of this: A host machine delegating encryption to a remote machine. But this is not what I'm doing, since I do not plug the yubikey into my Ubuntu server machine.
To further complicate this, these are not 2 linux machines interacting but a Windows and Linux machine. So I'm not sure if Gpg4Win being in the mix makes this harder or even impossible.
How can I sign git commits on the Ubuntu machine, using the private keys available on the Windows machine?
ubuntu ssh windows gpg gpg-agent
asked Feb 3 at 19:48
void.pointervoid.pointer
140111
add a comment |
Here is my set up:
- Windows 10 machine, my desktop PC.
- Ubuntu 18 machine, this is my home server
- Yubikey, has my private GPG keys on it
My work flow is as follows:
- Plug in my Yubikey into USB port on my Windows 10 machine.
- From my Windows 10 machine, SSH into my Ubuntu machine using Putty.
- On the Ubuntu machine through Putty, use Git to commit some changes to a repository cloned on the ubuntu machine.
- Need to sign those commits on the ubuntu machine using the private keys located on my Yubikey, which is plugged into my Windows 10 machine.
I can sign commits on my Windows 10 machine directly, because I launch gpg-agent using Gpg4Win, and it detects my USB key and prompts me to enter the PIN before I sign/encrypt anything. I want the same thing to happen when I try to sign commits in Git on the Ubuntu machine. So in a way, I'd like the existing SSH connection between my Ubuntu and Windows machine to serve as a proxy to the gpg-agent on my Windows machine, so that encryption happens on my Windows machine when invoked from Ubuntu.
I'm not sure if this is possible. The GPG agent forwarding help I find online seems to be the reverse of this: A host machine delegating encryption to a remote machine. But this is not what I'm doing, since I do not plug the yubikey into my Ubuntu server machine.
To further complicate this, these are not 2 linux machines interacting but a Windows and Linux machine. So I'm not sure if Gpg4Win being in the mix makes this harder or even impossible.
How can I sign git commits on the Ubuntu machine, using the private keys available on the Windows machine?
ubuntu ssh windows gpg gpg-agent
asked Feb 3 at 19:48
void.pointervoid.pointer
140111
Here is my set up:
- Windows 10 machine, my desktop PC.
- Ubuntu 18 machine, this is my home server
- Yubikey, has my private GPG keys on it
My work flow is as follows:
- Plug in my Yubikey into USB port on my Windows 10 machine.
- From my Windows 10 machine, SSH into my Ubuntu machine using Putty.
- On the Ubuntu machine through Putty, use Git to commit some changes to a repository cloned on the ubuntu machine.
- Need to sign those commits on the ubuntu machine using the private keys located on my Yubikey, which is plugged into my Windows 10 machine.
I can sign commits on my Windows 10 machine directly, because I launch gpg-agent using Gpg4Win, and it detects my USB key and prompts me to enter the PIN before I sign/encrypt anything. I want the same thing to happen when I try to sign commits in Git on the Ubuntu machine. So in a way, I'd like the existing SSH connection between my Ubuntu and Windows machine to serve as a proxy to the gpg-agent on my Windows machine, so that encryption happens on my Windows machine when invoked from Ubuntu.
I'm not sure if this is possible. The GPG agent forwarding help I find online seems to be the reverse of this: A host machine delegating encryption to a remote machine. But this is not what I'm doing, since I do not plug the yubikey into my Ubuntu server machine.
To further complicate this, these are not 2 linux machines interacting but a Windows and Linux machine. So I'm not sure if Gpg4Win being in the mix makes this harder or even impossible.
How can I sign git commits on the Ubuntu machine, using the private keys available on the Windows machine?
ubuntu ssh windows gpg gpg-agent
ubuntu ssh windows gpg gpg-agent
asked Feb 3 at 19:48
void.pointervoid.pointer
140111
asked Feb 3 at 19:48
void.pointervoid.pointer
140111
edited Feb 3 at 20:03
void.pointer
asked Feb 3 at 19:48
void.pointervoid.pointer
140111
asked Feb 3 at 19:48
void.pointervoid.pointer
140111
asked Feb 3 at 19:48
void.pointervoid.pointer
140111
140111
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f498478%2fhow-to-forward-gpg-to-a-linux-machine-from-windows%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f498478%2fhow-to-forward-gpg-to-a-linux-machine-from-windows%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
