Unable to create a subkey that can be signed and encrypted in gpg

Asked 2 years ago, Updated 2 years ago, 108 views

I thought about using gpg-agent instead of ssh-agent by creating a subkey for gpg using the procedure in the link below.

https://opensource.com/article/19/4/gpg-subkeys-ssh

The linked procedure uses addkey to create subkeys that can sign and encrypt RSA, but as shown below, you have only the option of signing or encryption.

gpg>addkey
Please select the type of key you want:
   (3) DSA (signature only)
   (4) RSA (signature only)
   (5) Elgamal (encryption only)
   (6) RSA (encryption only)
What's your choice? 

If you proceed with the encryption-only key, the ssh could not be connected with the error below.

$ssh-T [email protected]
sign_and_send_pubkey:signing failed:agent refused operation
[email protected]: Permission denied (publickey).
$

The gnupg version is as follows:

$gpg --version
gpg(GnuPG) 2.2.4
libgcrypt 1.8.1
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/ksaito/.gnupg
Supported Algorithms:
Public Key: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Encryption: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256,
      TWOFISH, CAMELLIA 128, CAMELLIA 192, CAMELLIA 256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
compression:uncompressed, ZIP, ZLIB, BZIP2

ssh gpg

2022-09-30 14:07

1 Answers

How does gpg start?

gpg--export--edit-key<key-id>

Do you have the --expert option as shown in ?
You should need to start gpg in expert mode to add a key for authentication.


2022-09-30 14:07

If you have any answers or tips


© 2024 OneMinuteCode. All rights reserved.