Preeti

Reputation: 723

How to use GPG keys with Yubikey in WSL2 to authenticate GIT?

I am trying to set up a YubiKey in WSL2 (Ubuntu distro) to use a GPG key as an SSH key to authenticate to a Git server. Below is my setup:

YubiKey Manager (ykman) version: 5.1.1
How was it installed?: Using Yubico's PPA (Ubuntu)
Operating system and version: WSL2; 1.2.5.0; Windows version: 10.0.22621.819 (Ubuntu distro)
YubiKey model and version: YubiKey 5 NFC (5.4.3)

I am following the guide on accessing a YubiKey in WSL2, and to connect WSL's SSH agent to the GPG key over a socket, I have installed socat and wsl2-ssh-pageant in WSL. I also added the section below to ~/.bashrc to sync the sockets:

config_path="C\:/Users/<YOUR_USER>/AppData/Local/gnupg"
wsl2_ssh_pageant_bin="$HOME/.ssh/wsl2-ssh-pageant.exe"
# SSH Socket
# Removing Linux SSH socket and replacing it by link to wsl2-ssh-pageant socket
export SSH_AUTH_SOCK="$HOME/.ssh/agent.sock"
if ! ss -a | grep -q "$SSH_AUTH_SOCK"; then
  rm -f "$SSH_AUTH_SOCK"
  if test -x "$wsl2_ssh_pageant_bin"; then
    (setsid nohup socat UNIX-LISTEN:"$SSH_AUTH_SOCK,fork" EXEC:"$wsl2_ssh_pageant_bin" >/dev/null 2>&1 &)
  else
    echo >&2 "WARNING: $wsl2_ssh_pageant_bin is not executable."
  fi
fi
# GPG Socket
# Removing Linux GPG Agent socket and replacing it by link to wsl2-ssh-pageant GPG socket
export GPG_AGENT_SOCK="$HOME/.gnupg/S.gpg-agent"
if ! ss -a | grep -q "$GPG_AGENT_SOCK"; then
  rm -rf "$GPG_AGENT_SOCK"
  if test -x "$wsl2_ssh_pageant_bin"; then
    (setsid nohup socat UNIX-LISTEN:"$GPG_AGENT_SOCK,fork" EXEC:"$wsl2_ssh_pageant_bin --gpgConfigBasepath ${config_path} --gpg S.gpg-agent" >/dev/null 2>&1 &)
  else
    echo >&2 "WARNING: $wsl2_ssh_pageant_bin is not executable."
  fi
fi

Now gpg --card-status shows the YubiKey info, and I have also configured the GPG keys using gpg --card-edit. But when I try to get the SSH public key using ssh-add -L, I get the error "error fetching identities: communication with agent failed".

gpg-agent is running.

Can anyone please let me know what is the issue here and how to resolve it?

P.S: Please let me know if any info is missing

Upvotes: 0

Views: 1225

Answers (1)

evgnomon

Reputation: 772

Add YubiKey as a device to WSL2. Follow this doc https://learn.microsoft.com/en-us/windows/wsl/connect-usb

Upvotes: 0
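
An added diagnostic, not part of the question or the answer: it walks the relay that the question's ~/.bashrc sets up (helper binary, socket file, socat listener, agent reply) and reports the first link that fails. The function name `check_relay` and its return codes are this example's own convention; the paths in the usage comment are the ones from the question.

```bash
# Added example: check each link of the socat -> wsl2-ssh-pageant relay.
# Usage: check_relay "$HOME/.ssh/agent.sock" "$HOME/.ssh/wsl2-ssh-pageant.exe"
# Return codes (this example's convention):
#   0 ok, 10 helper not executable, 11 socket missing, 12 path is not a socket,
#   13 no listener, 14 agent reachable but no identities, 15 agent unreachable.
check_relay() {
  local sock="$1" helper="$2" rc=0

  # 1. The Windows helper must exist and be executable from inside WSL.
  if [ ! -x "$helper" ]; then
    echo "helper not executable: $helper" >&2
    return 10
  fi

  # 2. The path must exist and be a UNIX socket, not a leftover regular file.
  if [ ! -e "$sock" ]; then
    echo "socket missing: $sock (socat listener never started?)" >&2
    return 11
  fi
  if [ ! -S "$sock" ]; then
    echo "not a socket: $sock" >&2
    return 12
  fi

  # 3. A socket file can outlive the socat process; confirm a live listener.
  if command -v ss >/dev/null 2>&1 && ! ss -xl | grep -qF "$sock"; then
    echo "no listener on $sock (stale socket file)" >&2
    return 13
  fi

  # 4. Query the agent through the relay. ssh-add exits 1 when the command
  #    fails (for example the agent has no identities) and 2 when it cannot
  #    contact the agent at all.
  SSH_AUTH_SOCK="$sock" ssh-add -L >/dev/null 2>&1 || rc=$?
  case "$rc" in
    0) return 0 ;;
    1) echo "agent reachable but offers no identities" >&2; return 14 ;;
    *) echo "agent unreachable through $sock" >&2; return 15 ;;
  esac
}
```
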
