From 500d4433a848709772f66e82732bc4df124d04b4 Mon Sep 17 00:00:00 2001
From: ahriman <ahriman@falte.red>
Date: Sun, 6 Jan 2019 06:05:17 +0000
Subject: added wiki page on using gnupg for ssh authentication

---
 table.connusers                 |  3 ++-
 table.weekconns                 |  2 +-
 wiki.php                        |  1 +
 wikipages/gpg-for-ssh-auth.wiki | 28 ++++++++++++++++++++++++++++
 4 files changed, 32 insertions(+), 2 deletions(-)
 create mode 100644 wikipages/gpg-for-ssh-auth.wiki

diff --git a/table.connusers b/table.connusers
index 9c212bd..52d934f 100644
--- a/table.connusers
+++ b/table.connusers
@@ -1,5 +1,6 @@
 <ul>
-<li>rnelson</li>
 <li>lorenzo</li>
+<li>ahriman</li>
 <li>nimbius</li>
+<li>rnelson</li>
 </ul>
diff --git a/table.weekconns b/table.weekconns
index a5c750f..b5045cc 100644
--- a/table.weekconns
+++ b/table.weekconns
@@ -1 +1 @@
-27
\ No newline at end of file
+21
\ No newline at end of file
diff --git a/wiki.php b/wiki.php
index b7eed31..05cf7c7 100644
--- a/wiki.php
+++ b/wiki.php
@@ -33,6 +33,7 @@
         &nbsp;&nbsp;<a href="wiki.php?page=bchs">BCHS Intro Guide</a><br />
         &nbsp;&nbsp;<a href="wiki.php?page=dcss">Dungeon Crawl Stone Soup</a><br />
         &nbsp;&nbsp;<a href="wiki.php?page=finger">Finger</a><br />
+        &nbsp;&nbsp;<a href="wiki.php?page=gpg-for-ssh-auth">GnuPG for SSH Authentication</a><br />
         &nbsp;&nbsp;<a href="wiki.php?page=irc">IRC</a><br />
         &nbsp;&nbsp;<a href="wiki.php?page=unixprotips">UNIX ProTips</a><br />
         <?php
diff --git a/wikipages/gpg-for-ssh-auth.wiki b/wikipages/gpg-for-ssh-auth.wiki
new file mode 100644
index 0000000..b891ec9
--- /dev/null
+++ b/wikipages/gpg-for-ssh-auth.wiki
@@ -0,0 +1,28 @@
+<!--
+    author: ahriman
+    title: Using GPG For SSH Authentication
+    description: setting gpg-agent to handle ssh authentication on linux
+-->
+
+<h2>Using GPG for SSH Authentication</h2>
+
+<p>It's a fairly simply process to have <code>gpg-agent</code> handle your SSH authentication. To start off, you'll need to have a private GnuPG key generated with an appropriate subkey for authentication. Once that's taken care of, open up <code>~/.gnupg/gpg-agent.conf</code></p>
+
+<div class="code">$ cat ~/.gnupg/gpg-agent.conf<br />
+enable-ssh-support<br />
+default-cache-ttl 60<br />
+max-cache-ttl 120</div>
+
+<p>Now you'll need to append the following to ~/.bashrc, or the appropriate rc file for your shell</p>
+
+<div class="code">$ cat ~/.bashrc<br />
+export GPG_TTY="$(tty)"<br />
+export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)<br />
+gpg-connect-agent updatestartuptty /bye</div>
+
+<p>Once that's done, you'll need to let gpg-agent know which GnuPG subkey to use for SSH authentication. Run <code>gpg --with-keygrip -k &lt;email&gt;</code> and copy the keygrip associated with the subkey you've generated specifically for authentication only. Now, open <code>~/.gnupg/sshcontrol</code> and paste the keygrip into that file. Verify that the correct keygrip has been selected by running <code>ssh-add -L</code> and comparing it against the output of <code>gpg
+--export-ssh-key &lt;keyid&gt;</code>. If it's correct, kill off gpg-agent with <code>killall gpg-agent</code>, then open up a new terminal and attempt to connect to a server!</p>
+
+<br />
+
+<a href="/wiki">Back to Wiki</a>
-- 
cgit 1.4.1-2-gfad0