@chapterjason
Forked from dinvlad/Yubikey GPG inside WSL2.md
Last active March 19, 2025 13:19

Revisions

  1. chapterjason revised this gist Mar 19, 2025. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion Yubikey GPG inside WSL2.md
    @@ -7,7 +7,7 @@
    "C:\Program Files (x86)\GnuPG\bin\gpg-connect-agent.exe" /bye
    ```
    This will only load the agent at Startup, and you won't be bothered by any UI or tray agent.
    3. Download [wsl2-ssh-pageant](https://github.com/BlackReloaded/wsl2-ssh-pageant/releases) into your _Windows_ `%userprofile%/.ssh` directory (Windows dir is important for performance).
    3. Download [wsl2-ssh-pageant]([https://github.com/BlackReloaded/wsl2-ssh-pageant/releases](https://github.com/jryberg/wsl2-ssh-pageant)) into your _Windows_ `%userprofile%/.ssh` directory (Windows dir is important for performance).
    4. Install `socat` and `gpg` inside WSL as you would in a "normal" distro, e.g.
    ```
    apt-get install -y gnupg2 gnupg-agent socat
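Review bot: The replacement link in step 3 is malformed: a second Markdown link is nested inside the URL parentheses, so the inner link text still names `BlackReloaded/wsl2-ssh-pageant/releases` while the inner target is `github.com/jryberg/wsl2-ssh-pageant`. Because this executable is the one the profile script runs to bridge the SSH and GPG agent sockets, please write it as a single link, e.g. `[wsl2-ssh-pageant](https://github.com/jryberg/wsl2-ssh-pageant)`, and state in the step why the download source moved to a different repository. The old link pointed at a releases page and the new one points at a repository root, so the step should also say which artifact the reader is expected to download from there.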
  2. @dinvlad dinvlad created this gist Dec 15, 2021.
    57 changes: 57 additions & 0 deletions Yubikey GPG inside WSL2.md
    @@ -0,0 +1,57 @@
    ### Yubikey GPG inside WSL2

    1. Install [GPG4Win](https://www.gpg4win.org/download.html).
    2. Start up Kleopatra (a UI tool from 1) and [make sure your YubiKey is loaded there](https://suchsecurity.com/gpg-and-ssh-with-yubikey-on-windows.html).
    * You can also add GPG4Win to Startup folder using a link with this Target:
    ```
    "C:\Program Files (x86)\GnuPG\bin\gpg-connect-agent.exe" /bye
    ```
    This will only load the agent at Startup, and you won't be bothered by any UI or tray agent.
    3. Download [wsl2-ssh-pageant](https://github.com/BlackReloaded/wsl2-ssh-pageant/releases) into your _Windows_ `%userprofile%/.ssh` directory (Windows dir is important for performance).
    4. Install `socat` and `gpg` inside WSL as you would in a "normal" distro, e.g.
    ```
    apt-get install -y gnupg2 gnupg-agent socat
    ```
    5. Create a `~/.bash_profile` or `~/.zprofile` (for ZSH) inside WSL:
    ```
    ### https://github.com/BlackReloaded/wsl2-ssh-pageant#bashzsh
    WIN_USER="<your_windows_username_here>"
    SSH_DIR="${HOME}/.ssh" #
    mkdir -p "${SSH_DIR}"
    wsl2_ssh_pageant_bin="${SSH_DIR}/wsl2-ssh-pageant.exe"
    ln -sf "/mnt/c/Users/${WIN_USER}/.ssh/wsl2-ssh-pageant.exe" "${wsl2_ssh_pageant_bin}"
    listen_socket() {
    sock_path="$1" && shift
    fork_args="${sock_path},fork"
    exec_args="${wsl2_ssh_pageant_bin} $@"
    if ! ps x | grep -v grep | grep -q "${fork_args}"; then
    rm -f "${sock_path}"
    (setsid nohup socat "UNIX-LISTEN:${fork_args}" "EXEC:${exec_args}" &>/dev/null &)
    fi
    }
    # SSH
    export SSH_AUTH_SOCK="${SSH_DIR}/agent.sock"
    listen_socket "${SSH_AUTH_SOCK}"
    # GPG
    export GPG_AGENT_SOCK="${HOME}/.gnupg/S.gpg-agent"
    listen_socket "${GPG_AGENT_SOCK}" --gpg S.gpg-agent
    # GPG extra for agent forwarding to devcontainers in VS Code
    export GPG_AGENT_SOCK_EXTRA="${HOME}/.gnupg/S.gpg-agent.extra"
    listen_socket "${GPG_AGENT_SOCK_EXTRA}" --gpg S.gpg-agent.extra
    unset wsl2_ssh_pageant_bin
    ###
    ```
    You can also create this file inside a C: drive and then create a symlink to it, e.g.
    ```
    ln -s ~/.zprofile /mnt/c/WSL/scripts/.zprofile
    ```
    which enables sharing of the same file across multiple WSL distros.
    6. Log out and back in to WSL.
    7. Import your GPG key(s) inside WSL, just as you normally would. They're now ready to go!
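Review bot: In the shared-profile example at the end of step 5, the `ln -s` arguments are reversed relative to the sentence that introduces it: `ln -s ~/.zprofile /mnt/c/WSL/scripts/.zprofile` creates a link on the C: drive that points at the file in the WSL home, so other distros would not see the real file. If the file is meant to live on C: with a symlink to it from each distro, this should read `ln -s /mnt/c/WSL/scripts/.zprofile ~/.zprofile`. Since that profile is sourced by every login shell and starts the socket bridge, the step could also mention that a copy under `/mnt/c` is writable from the Windows side and should sit in a directory only the user's own account can modify.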