我想我想要的是一个相当于SSH的ssh-copy-id
函数的GPG。以下是我所尝试的内容,以及我收到的输出:
foo@bar:~$ ssh pi@192.168.0.42 gpg --export-secret-key A32D835B51CAF93AD264826E2C7AE63B68CDAB22 | gpg --import
gpg: directory '/home/foo/.gnupg' created
gpg: keybox '/home/foo/.gnupg/pubring.kbx' created
gpg: key F0A27839C3F40D2B42172A28124E5F88293B3719: error receiving key from agent: Inappropriate ioctl for device - skipped
gpg: key 61322A2DACD3C52D35086D123704A5559C3E0456: error receiving key from agent: Inappropriate ioctl for device - skipped
gpg: WARNING: nothing exported
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
为了记录,这里是一个相关的旧SO问题的链接:如何传输pgp私钥到另一台计算机?
UPDATE:我尝试利用用户ahi324给出的答案中建议的——passphrase/——pinentry开关。如下图所示:
foo@bar:~$ stty -echo && ssh pi@192.168.0.42 "gpg --batch --passphrase-fd 0 --pinentry loopback --export-secret-key A32D835B51CAF93AD264826E2C7AE63B68CDAB22" | gpg import; stty echo
gpg: WARNING: no command supplied. Trying to guess what you mean ...
gpg: can't open 'import'
gpg: key F0A27839C3F40D2B42172A28124E5F88293B3719: error receiving key from agent: No passphrase given - skipped
gpg: key 61322A2DACD3C52D35086D123704A5559C3E0456: error receiving key from agent: No passphrase given - skipped
gpg: WARNING: nothing exported
的确,执行似乎"卡在了边缘"。输出gpg: WARNING: no command supplied. Trying to guess what you mean ...
出现后。只有在我按下键盘上的Enter键后,执行才会完成。
您收到的错误(error receiving key from agent: Inappropriate ioctl for device - skipped
)表明您的秘密密钥是受passphrase保护的,并且您的GPG passphrase代理不兼容SSH,这大多数都不兼容。
我想到了三个选项:
- 从源主机启动导出(以方便交互式密码短语输入);
- 利用
--passphrase
/--pinentry
开关(如您参考的帖子中所建议的);例如,stty -echo && ssh "$host" "gpg --batch --passphrase-fd 0 --pinentry loopback -a --export-secret-key '$key'" | gpg --import; stty echo
;或者, - 从密钥中删除口令保护(不一定需要)。