⚠️ I no longer own a Windows PC, so this project has been needless for me. For this reason I will archive this project. ⚠️
I use a Yubikey to store a GPG key pair and I like to use this key pair as my SSH key too. GPG on Windows exposes a Pageant style SSH agent and I wanted a way to use this key within WSL2.
In order to use wsl-ssh-pageant you must have installed socat and ss on your machine. For example, on Ubuntu you can install these by running:

```bash
sudo apt install socat iproute2
```
Download wsl2-ssh-pageant.exe to your Windows home directory (or another location within the Windows file system). Then symlink it to your $HOME/.ssh directory for easy access:

```bash
windows_destination="/mnt/c/Users/Public/Downloads/wsl2-ssh-pageant.exe"
linux_destination="$HOME/.ssh/wsl2-ssh-pageant.exe"
# Download the latest release onto the Windows file system.
wget -O "$windows_destination" "https://github.com/BlackReloaded/wsl2-ssh-pageant/releases/latest/download/wsl2-ssh-pageant.exe"
# Set the executable bit.
chmod +x "$windows_destination"
# Symlink to linux for ease of use later
ln -s "$windows_destination" "$linux_destination"
```
Add the following to your shell configuration (.bashrc, .zshrc or config.fish). For advanced configurations consult the documentation of your shell.

SSH (Bash/Zsh):

```bash
export SSH_AUTH_SOCK="$HOME/.ssh/agent.sock"
# Start the bridge only if nothing is listening on the socket yet.
if ! ss -a | grep -q "$SSH_AUTH_SOCK"; then
  rm -f "$SSH_AUTH_SOCK"
  wsl2_ssh_pageant_bin="$HOME/.ssh/wsl2-ssh-pageant.exe"
  if test -x "$wsl2_ssh_pageant_bin"; then
    # socat hands each connection on the socket to a new helper process.
    (setsid nohup socat UNIX-LISTEN:"$SSH_AUTH_SOCK,fork" EXEC:"$wsl2_ssh_pageant_bin" >/dev/null 2>&1 &)
  else
    echo >&2 "WARNING: $wsl2_ssh_pageant_bin is not executable."
  fi
  unset wsl2_ssh_pageant_bin
fi
```
GPG (Bash/Zsh):

```bash
export GPG_AGENT_SOCK="$HOME/.gnupg/S.gpg-agent"
# Start the bridge only if nothing is listening on the socket yet.
if ! ss -a | grep -q "$GPG_AGENT_SOCK"; then
  rm -rf "$GPG_AGENT_SOCK"
  wsl2_ssh_pageant_bin="$HOME/.ssh/wsl2-ssh-pageant.exe"
  if test -x "$wsl2_ssh_pageant_bin"; then
    # --gpg S.gpg-agent selects the GPG agent socket instead of the SSH agent.
    (setsid nohup socat UNIX-LISTEN:"$GPG_AGENT_SOCK,fork" EXEC:"$wsl2_ssh_pageant_bin --gpg S.gpg-agent" >/dev/null 2>&1 &)
  else
    echo >&2 "WARNING: $wsl2_ssh_pageant_bin is not executable."
  fi
  unset wsl2_ssh_pageant_bin
fi
```
SSH (Fish):

```fish
set -x SSH_AUTH_SOCK "$HOME/.ssh/agent.sock"
# Start the bridge only if nothing is listening on the socket yet.
if not ss -a | grep -q "$SSH_AUTH_SOCK";
  rm -f "$SSH_AUTH_SOCK"
  set wsl2_ssh_pageant_bin "$HOME/.ssh/wsl2-ssh-pageant.exe"
  if test -x "$wsl2_ssh_pageant_bin";
    # socat hands each connection on the socket to a new helper process.
    setsid nohup socat UNIX-LISTEN:"$SSH_AUTH_SOCK,fork" EXEC:"$wsl2_ssh_pageant_bin" >/dev/null 2>&1 &
  else
    echo >&2 "WARNING: $wsl2_ssh_pageant_bin is not executable."
  end
  set --erase wsl2_ssh_pageant_bin
end
```
GPG (Fish):

```fish
set -x GPG_AGENT_SOCK "$HOME/.gnupg/S.gpg-agent"
# Start the bridge only if nothing is listening on the socket yet.
if not ss -a | grep -q "$GPG_AGENT_SOCK";
  rm -rf "$GPG_AGENT_SOCK"
  set wsl2_ssh_pageant_bin "$HOME/.ssh/wsl2-ssh-pageant.exe"
  if test -x "$wsl2_ssh_pageant_bin";
    # --gpg S.gpg-agent selects the GPG agent socket instead of the SSH agent.
    setsid nohup socat UNIX-LISTEN:"$GPG_AGENT_SOCK,fork" EXEC:"$wsl2_ssh_pageant_bin --gpg S.gpg-agent" >/dev/null 2>&1 &
  else
    echo >&2 "WARNING: $wsl2_ssh_pageant_bin is not executable."
  end
  set --erase wsl2_ssh_pageant_bin
end
```

Smartcard is detected in Windows and WSL, but ssh-add -L returns error
If this is the first time you are using a YubiKey on Windows with Gpg4win, please follow the instructions at https://developers.yubico.com/PGP/SSH_authentication/Windows.html
Make sure ssh support is enabled in the gpg-agent.conf and restart gpg-agent with the following commands:

```
gpg-connect-agent killagent /bye
gpg-connect-agent /bye
```
Agent response times are very slow
If ssh, ssh-add, gpg, etc. are very slow (~15-25 seconds), check that wsl2-ssh-pageant resides on the Windows file system. This is due to an issue with the WSL interop documented here and here.
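The checks this page relies on (socat and ss installed, the helper executable, the helper stored on the Windows file system, a listener on the socket) can be collected into one diagnostic function. This is an added example, not part of wsl2-ssh-pageant: the function names are hypothetical, and it assumes Windows drives appear as 9p (WSL2) or drvfs (WSL1) mounts in /proc/mounts.

```shell
# Added diagnostic sketch; function names are hypothetical.

# Print the filesystem type of the mount containing path $1.
# $2 is a mount table in /proc/mounts format (default: /proc/mounts).
fs_type_for_path() {
    awk -v p="$1" '
        BEGIN { best = 0 }
        {
            mp = $2
            # A mount matches if it is "/", the path itself, or a parent directory.
            if (mp == "/" || p == mp || index(p, mp "/") == 1)
                if (length(mp) >= best) { best = length(mp); type = $3 }
        }
        END { print type }' "${2:-/proc/mounts}"
}

# Return 0 if the helper at $1 (symlinks resolved) is on a Windows drive mount.
# Assumption: such mounts have type 9p or drvfs.
helper_on_windows_fs() {
    local resolved
    resolved=$(readlink -f "$1") || return 2
    case $(fs_type_for_path "$resolved" "${2:-/proc/mounts}") in
        9p|drvfs) return 0 ;;
        *) return 1 ;;
    esac
}

# Report problems with the bridge; the return value is the number found.
# $1: helper path, $2: agent socket (defaults are the paths used on this page).
wsl2_pageant_doctor() {
    local bin="${1:-$HOME/.ssh/wsl2-ssh-pageant.exe}"
    local sock="${2:-$HOME/.ssh/agent.sock}"
    local bad=0 tool
    for tool in socat ss; do
        command -v "$tool" >/dev/null 2>&1 || { echo "MISSING: $tool"; bad=$((bad + 1)); }
    done
    [ -x "$bin" ] || { echo "NOT EXECUTABLE: $bin"; bad=$((bad + 1)); }
    helper_on_windows_fs "$bin" ||
        { echo "SLOW PATH: $bin is not on a Windows drive mount"; bad=$((bad + 1)); }
    # -x: Unix sockets only, -l: listening sockets only.
    ss -xl 2>/dev/null | grep -qF -- "$sock" || { echo "NO LISTENER: $sock"; bad=$((bad + 1)); }
    return "$bad"
}
```

Source the file and run wsl2_pageant_doctor with no arguments to check the SSH bridge, or pass the helper path and $HOME/.gnupg/S.gpg-agent to check the GPG one.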
Some of the code is copied from benpye's wsl-ssh-pageant. This code shows how to communicate with Pageant.