I have a Yubikey4 loaded with my gpg-key, acting as a smartcard. I can do
gpg2 --card-status and it gives me the whole shebang showing all my subkeys and everything is fine.
I then wanted to use gpg-agent to ssh into remote hosts using my gpg key. I added the following to my
    enable-ssh-support
    pinentry-program /usr/bin/pinentry-curses
    default-cache-ttl 60
I also set the
SSH_AUTH_SOCK in my .bashrc as this:
If I then reboot my machine, the key is added and visible with
4096 SHA256....... cardno: ..... (RSA)
But any attempt to ssh to a remote server just hangs,
ssh -vvv tells me the machine tries to sign and send the key, but the agent refuses operation.
If I then execute a script I made using various sources it all works.
    killall gpg
    export SSH_AUTH_SOCK=~/.gnupg/S.gpg-agent.ssh;
    gpg-agent --daemon --keep-tty --use-standard-socket --pinentry-program=/usr/bin/pinentry-curses
I tried implementing this using bashrc, executing it with my desktop manager and a user systemd task to no avail.
Can anybody help me figure out how to start this automatically on login, without the need to execute “my script”?
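An added example, not part of the original post: a login-shell fragment for the setup described above (enable-ssh-support with pinentry-curses) that points SSH_AUTH_SOCK at the agent's SSH socket and tells the running agent which terminal pinentry should draw on. It assumes GnuPG 2.1 or later for `gpgconf --list-dirs agent-ssh-socket` and `gpgconf --launch`; the function names are illustrative.

```shell
# Added example for ~/.bashrc; function names are illustrative,
# not taken from the post or from GnuPG.

# Print the path of gpg-agent's SSH socket.
# Assumption: GnuPG 2.1+ answers "gpgconf --list-dirs agent-ssh-socket".
# If gpgconf is missing or prints nothing, fall back to the classic
# location the post uses (~/.gnupg/S.gpg-agent.ssh).
agent_ssh_socket() {
    _sock=
    if command -v gpgconf >/dev/null 2>&1; then
        _sock=$(gpgconf --list-dirs agent-ssh-socket 2>/dev/null) || _sock=
    fi
    [ -n "$_sock" ] || _sock="${GNUPGHOME:-$HOME/.gnupg}/S.gpg-agent.ssh"
    printf '%s\n' "$_sock"
}

# Export the variables ssh and pinentry rely on, then make sure the
# agent is running and knows the current terminal.
setup_gpg_ssh_agent() {
    SSH_AUTH_SOCK=$(agent_ssh_socket)
    export SSH_AUTH_SOCK

    # pinentry-curses can only prompt for the card PIN if it knows
    # which terminal to use; without one the agent refuses to sign.
    GPG_TTY=$(tty 2>/dev/null) || GPG_TTY=
    export GPG_TTY

    if command -v gpgconf >/dev/null 2>&1; then
        # Start the agent if it is not already running.
        gpgconf --launch gpg-agent >/dev/null 2>&1 || true
    fi
    if command -v gpg-connect-agent >/dev/null 2>&1; then
        # An agent started earlier (e.g. at session start) keeps its
        # original terminal; point it at this one.
        gpg-connect-agent updatestartuptty /bye >/dev/null 2>&1 || true
    fi
    return 0
}

# Only act in interactive shells, so scripts sourcing this file
# do not touch the agent.
case $- in
    *i*) setup_gpg_ssh_agent ;;
esac
```

Because ssh itself never passes a terminal to the agent, the `updatestartuptty` step has to be repeated in each new terminal where the PIN prompt should appear.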