Simple set of tools to make working with GPG and SSH keys easier on Windows 10.

Windows 10 has an ssh-agent service (with support for persistence and Windows security) and I have been using it successfully for a while. However, there is another set of tools entirely - GnuPG. It implements ssh-agent functionality (with somewhat more flexibility than the original), supports smart cards, attempts to handle identity aspects of security and sometimes must be used (for example to sign git commits on some projects). All of that works reasonably well on Linux. Windows usage is a bit more problematic, as we have to deal with various non-cooperating pieces: GnuPG win32 binaries are somewhat deficient, and the OpenSSH port integrated into Windows 10 (console, terminal and all), Cygwin/MSYS2 ssh tools, and WSL1 and WSL2 add challenges with specific binaries and different lifetime management requirements.

Ideally we need the Windows host to handle a single set of secured keys (SSH and GPG) while transparently providing the necessary interfaces to all other environments. This project aims to create a simple set of tools to be combined with GnuPG binaries for Windows to do exactly that.

DISCLAIMER When using the term GnuPG I am not referring to GPG4Win, but rather to the basic GnuPG tools built from the code base common to all platforms. GPG4Win includes this set (which could be extracted), but normally it is available from the GnuPG ftp site. It can also be installed with the chocolatey command choco install gnupg. So no wonderful KDE GUIs ported to Windows. I am still learning the full scope of damage one could cause by using GnuPG tools and I am certainly no expert here. If you are interested in basic guides on how to handle keys using GnuPG tools - the web is full of them and this project has nothing to do with it. This one is very good (albeit somewhat outdated). You could (and probably should) read the set of excellent posts by Simon Josefsson: blog_1 blog_2 blog_3. To put things in perspective and select a more practical place for PGP tools overall, I strongly suggest studying this critique. It resonates a lot, especially after spending some time reading GnuPG code.

NOTE Eventually many pieces of functionality from this project will become obsolete. I am sure that gpg-agent on Windows will directly support Windows OpenSSH server - T3883. Microsoft developers will finally decide how they want to handle security on Unix domain sockets and will change the OpenSSH port, and many other wonderful things will happen. Until then we need to create specific translation layers to compensate for deficiencies. Assuan S.gpg-agent.ssh support in GnuPG code is presently broken under Windows (at least in GnuPG 2.2.25), so we have to resort to the putty/pageant method instead (which today does not work in 64 bits GnuPG builds). And WSL2 requires an additional layer of translation (with socat on the Linux side and either the HYPER-V integration service or a helper on the Windows end), since AF_UNIX interop is not (yet? ever?) implemented for WSL2.

SECURITY NOTICE: All the usual security caveats applicable to WSL, SSH and GPG apply here. For example, all interaction with the Win32 world happens with the credentials of the user who started the WSL environment. In practice, if you allow someone else to log in to your WSL environment remotely, they may be able to access the SSH keys stored in your gpg-agent. This is a fundamental feature of WSL; if you are not sure of what you're doing, do not allow remote access to your WSL environment (i.e. by starting an SSH server).

COMPATIBILITY NOTICE: tools from this project were tested on Windows with multiple distributions and should work on anything starting with 1809 - beginning with insider build 17063 - and would not work on older versions of Windows 10, because they require the AF_UNIX socket support feature. I tested everything with "official" GnuPG Windows builds 2.2.25 and 2.2.26.

Installation

Download from the releases page and unpack it in a convenient location. Create/import keys, set up smart cards, etc. If you are using the Windows native ssh-agent - stop it. You may want to delete all keys from its vault - you will need those keys in the gpg vault instead.