Forward GPG Sockets to remote?

[colemickens]

Hi.

This tool is incredibly awesome and invaluable to me. It's a shame that it's still needed, in my opinion, but I am very thankful for it. Thank you!

Also, I would love to be able to forward my GPG Socket over SSH as well. Is that possible to do with this tool?

[benpye]

I totally agree that this would be a useful feature however it isn't something that works today. The instructions at https://wiki.gnupg.org/AgentForwarding may work however the type of socket that GPG uses on Windows today is weird - I have looked at this before - and I'm not sure if OpenSSH or socat will trivially work, I imagine you could use socat from Cygwin but that's starting to get ugly.

[kastermester]

You can do it under wsl. There's a gist here from one of my colleagues that I use daily to do this (it also uses this project):

https://gist.github.com/andsens/2ebd7b46c9712ac205267136dc677ac1

[colemickens]

Thanks for the tip @kastermester, however, I am interested in avoiding WSL2, since my end goal is to just use Windows as a thin client. Managing another distro install is too much.

Fortunately, this seems to work well: https://github.com/BusyJay/gpg-bridge.

I can confirm that by using wsl-ssh-pageant and gpg-bridge, I can forward the extra socket and can perform remote gpg+ssh operations with my yubikey plugged into Windows and without WSL(1/2) active.

[colemickens]

more details on my setup: PowerShell/Win32-OpenSSH#827 (comment)

[kastermester]

Thanks for pointing that out @colemickens - I might look into that as well (to get my VSCode to have gpg access to my yubikey as well)