Created
December 15, 2021 20:55
Revisions
dinvlad created this gist
Dec 15, 2021
@@ -0,0 +1,57 @@ ### Yubikey GPG inside WSL2 1. Install [GPG4Win](https://www.gpg4win.org/download.html). 2. Start up Kleopatra (a UI tool from 1) and [make sure your YubiKey is loaded there](https://suchsecurity.com/gpg-and-ssh-with-yubikey-on-windows.html). * You can also add GPG4Win to Startup folder using a link with this Target: ``` "C:\Program Files (x86)\GnuPG\bin\gpg-connect-agent.exe" /bye ``` This will only load the agent at Startup, and you won't be bothered by any UI or tray agent. 3. Download [wsl2-ssh-pageant](https://github.com/BlackReloaded/wsl2-ssh-pageant/releases) into your _Windows_ `%userprofile%/.ssh` directory (Windows dir is important for performance). 4. Install `socat` and `gpg` inside WSL as you would in a "normal" distro, e.g. ``` apt-get install -y gnupg2 gnupg-agent socat ``` 5. Create a `~/.bash_profile` or `~/.zprofile` (for ZSH) inside WSL: ``` ### https://github.com/BlackReloaded/wsl2-ssh-pageant#bashzsh WIN_USER="<your_windows_username_here>" SSH_DIR="${HOME}/.ssh" # mkdir -p "${SSH_DIR}" wsl2_ssh_pageant_bin="${SSH_DIR}/wsl2-ssh-pageant.exe" ln -sf "/mnt/c/Users/${WIN_USER}/.ssh/wsl2-ssh-pageant.exe" "${wsl2_ssh_pageant_bin}" listen_socket() { sock_path="$1" && shift fork_args="${sock_path},fork" exec_args="${wsl2_ssh_pageant_bin} $@" if ! ps x | grep -v grep | grep -q "${fork_args}"; then rm -f "${sock_path}" (setsid nohup socat "UNIX-LISTEN:${fork_args}" "EXEC:${exec_args}" &>/dev/null &) fi } # SSH export SSH_AUTH_SOCK="${SSH_DIR}/agent.sock" listen_socket "${SSH_AUTH_SOCK}" # GPG export GPG_AGENT_SOCK="${HOME}/.gnupg/S.gpg-agent" listen_socket "${GPG_AGENT_SOCK}" --gpg S.gpg-agent # GPG extra for agent forwarding to devcontainers in VS Code export GPG_AGENT_SOCK_EXTRA="${HOME}/.gnupg/S.gpg-agent.extra" listen_socket "${GPG_AGENT_SOCK_EXTRA}" --gpg S.gpg-agent.extra unset wsl2_ssh_pageant_bin ### ``` You can also create this file inside a C: drive and then create a symlink to it, e.g. 
``` ln -s ~/.zprofile /mnt/c/WSL/scripts/.zprofile ``` which enables sharing of the same file across multiple WSL distros. 6. Log out and back in to WSL. 7. Import your GPG key(s) inside WSL, just as you normally would. They're now ready to go!
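Review bot: the `ln -s ~/.zprofile /mnt/c/WSL/scripts/.zprofile` example at the end of step 5 has its arguments in the wrong order for what the sentence before it describes. `ln -s` takes the target first and the link name second, so as written it creates a link on the C: drive pointing back at `~/.zprofile`, rather than a link in the home directory pointing at the shared file. For the stated goal of one file shared across distros it should read `ln -s /mnt/c/WSL/scripts/.zprofile ~/.zprofile`. Two smaller points in the same step: `# mkdir -p "${SSH_DIR}"` is commented out, so on an account without an existing `~/.ssh` the following `ln -sf` fails, and nothing ensures `~/.gnupg` exists before `socat` is asked to listen there; uncommenting the `mkdir` and creating both directories with mode 0700 would cover that and keep the agent sockets out of reach of other local users. Step 3 also downloads `wsl2-ssh-pageant.exe` from the releases page with no integrity check, and this profile then executes that binary for every connection to the SSH and GPG agent sockets, so the steps would benefit from naming a specific release and verifying its hash before the symlink is created.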