How to forward GPG to a linux machine from Windows?












0















Here is my set up:




  • Windows 10 machine, my desktop PC.

  • Ubuntu 18 machine, this is my home server

  • Yubikey, has my private GPG keys on it


My work flow is as follows:




  1. Plug in my Yubikey into USB port on my Windows 10 machine.

  2. From my Windows 10 machine, SSH into my Ubuntu machine using Putty.

  3. On the Ubuntu machine through Putty, use Git to commit some changes to a repository cloned on the ubuntu machine.

  4. Need to sign those commits on the ubuntu machine using the private keys located on my Yubikey, which is plugged into my Windows 10 machine.


I can sign commits on my Windows 10 machine directly, because I launch gpg-agent using Gpg4Win, and it detects my USB key and prompts me to enter the PIN before I sign/encrypt anything. I want the same thing to happen when I try to sign commits in Git on the Ubuntu machine. So in a way, I'd like the existing SSH connection between my Ubuntu and Windows machine to serve as a proxy to the gpg-agent on my Windows machine, so that encryption happens on my Windows machine when invoked from Ubuntu.



I'm not sure if this is possible. The GPG agent forwarding help I find online seems to be the reverse of this: A host machine delegating encryption to a remote machine. But this is not what I'm doing, since I do not plug the yubikey into my Ubuntu server machine.



To further complicate this, these are not 2 linux machines interacting but a Windows and Linux machine. So I'm not sure if Gpg4Win being in the mix makes this harder or even impossible.



How can I sign git commits on the Ubuntu machine, using the private keys available on the Windows machine?










share|improve this question





























    0















    Here is my set up:




    • Windows 10 machine, my desktop PC.

    • Ubuntu 18 machine, this is my home server

    • Yubikey, has my private GPG keys on it


    My work flow is as follows:




    1. Plug in my Yubikey into USB port on my Windows 10 machine.

    2. From my Windows 10 machine, SSH into my Ubuntu machine using Putty.

    3. On the Ubuntu machine through Putty, use Git to commit some changes to a repository cloned on the ubuntu machine.

    4. Need to sign those commits on the ubuntu machine using the private keys located on my Yubikey, which is plugged into my Windows 10 machine.


    I can sign commits on my Windows 10 machine directly, because I launch gpg-agent using Gpg4Win, and it detects my USB key and prompts me to enter the PIN before I sign/encrypt anything. I want the same thing to happen when I try to sign commits in Git on the Ubuntu machine. So in a way, I'd like the existing SSH connection between my Ubuntu and Windows machine to serve as a proxy to the gpg-agent on my Windows machine, so that encryption happens on my Windows machine when invoked from Ubuntu.



    I'm not sure if this is possible. The GPG agent forwarding help I find online seems to be the reverse of this: A host machine delegating encryption to a remote machine. But this is not what I'm doing, since I do not plug the yubikey into my Ubuntu server machine.



    To further complicate this, these are not 2 linux machines interacting but a Windows and Linux machine. So I'm not sure if Gpg4Win being in the mix makes this harder or even impossible.



    How can I sign git commits on the Ubuntu machine, using the private keys available on the Windows machine?










    share|improve this question



























      0












      0








      0








      Here is my set up:




      • Windows 10 machine, my desktop PC.

      • Ubuntu 18 machine, this is my home server

      • Yubikey, has my private GPG keys on it


      My work flow is as follows:




      1. Plug in my Yubikey into USB port on my Windows 10 machine.

      2. From my Windows 10 machine, SSH into my Ubuntu machine using Putty.

      3. On the Ubuntu machine through Putty, use Git to commit some changes to a repository cloned on the ubuntu machine.

      4. Need to sign those commits on the ubuntu machine using the private keys located on my Yubikey, which is plugged into my Windows 10 machine.


      I can sign commits on my Windows 10 machine directly, because I launch gpg-agent using Gpg4Win, and it detects my USB key and prompts me to enter the PIN before I sign/encrypt anything. I want the same thing to happen when I try to sign commits in Git on the Ubuntu machine. So in a way, I'd like the existing SSH connection between my Ubuntu and Windows machine to serve as a proxy to the gpg-agent on my Windows machine, so that encryption happens on my Windows machine when invoked from Ubuntu.



      I'm not sure if this is possible. The GPG agent forwarding help I find online seems to be the reverse of this: A host machine delegating encryption to a remote machine. But this is not what I'm doing, since I do not plug the yubikey into my Ubuntu server machine.



      To further complicate this, these are not 2 linux machines interacting but a Windows and Linux machine. So I'm not sure if Gpg4Win being in the mix makes this harder or even impossible.



      How can I sign git commits on the Ubuntu machine, using the private keys available on the Windows machine?










      share|improve this question
















      Here is my set up:




      • Windows 10 machine, my desktop PC.

      • Ubuntu 18 machine, this is my home server

      • Yubikey, has my private GPG keys on it


      My work flow is as follows:




      1. Plug in my Yubikey into USB port on my Windows 10 machine.

      2. From my Windows 10 machine, SSH into my Ubuntu machine using Putty.

      3. On the Ubuntu machine through Putty, use Git to commit some changes to a repository cloned on the ubuntu machine.

      4. Need to sign those commits on the ubuntu machine using the private keys located on my Yubikey, which is plugged into my Windows 10 machine.


      I can sign commits on my Windows 10 machine directly, because I launch gpg-agent using Gpg4Win, and it detects my USB key and prompts me to enter the PIN before I sign/encrypt anything. I want the same thing to happen when I try to sign commits in Git on the Ubuntu machine. So in a way, I'd like the existing SSH connection between my Ubuntu and Windows machine to serve as a proxy to the gpg-agent on my Windows machine, so that encryption happens on my Windows machine when invoked from Ubuntu.



      I'm not sure if this is possible. The GPG agent forwarding help I find online seems to be the reverse of this: A host machine delegating encryption to a remote machine. But this is not what I'm doing, since I do not plug the yubikey into my Ubuntu server machine.



      To further complicate this, these are not 2 linux machines interacting but a Windows and Linux machine. So I'm not sure if Gpg4Win being in the mix makes this harder or even impossible.



      How can I sign git commits on the Ubuntu machine, using the private keys available on the Windows machine?







      ubuntu ssh windows gpg gpg-agent






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Feb 3 at 20:03







      void.pointer

















      asked Feb 3 at 19:48









      void.pointervoid.pointer

      140111




      140111






















          0






          active

          oldest

          votes











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "106"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f498478%2fhow-to-forward-gpg-to-a-linux-machine-from-windows%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes
















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Unix & Linux Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f498478%2fhow-to-forward-gpg-to-a-linux-machine-from-windows%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          How to make a Squid Proxy server?

          Is this a new Fibonacci Identity?

          19世紀