Add note on chained agent forwarding

This commit is contained in:
Zenithal 2020-12-03 01:18:21 +08:00
parent 52727f1e04
commit 7e49f5cc89
No known key found for this signature in database
GPG Key ID: 758DF565973E6760
1 changed files with 4 additions and 0 deletions

View File

@ -2124,6 +2124,8 @@ After typing or sourcing your shell rc file, with `ssh-add -l` you should find y
**Note** In this process no gpg-agent in the remote is involved, hence `gpg-agent.conf` in the remote is of no use. Also pinentry is invoked locally.
**Note** Agent forwarding may be chained through multiple hosts
## GitHub
You can use YubiKey to sign GitHub commits and tags. It can also be used for GitHub SSH authentication, allowing you to push, pull, and commit without a password.
@ -2332,6 +2334,8 @@ extra-socket /run/user/1000/gnupg/S.gpg-agent.extra
**Important** Any pinentry program except `pinentry-tty` or `pinentry-curses` may be used. This is because local `gpg-agent` may start headlessly (By systemd without `$GPG_TTY` set locally telling which tty it is on), thus failed to obtain the pin. Errors on the remote may be misleading saying that there is *IO Error* (Yes internally there is actually *IO Error* since it happens when writing to/reading from tty while finding no tty to use, but for end users this is not friendly).
**Note** Agent forwarding may be chained through multiple hosts
See [Issue #85](https://github.com/drduh/YubiKey-Guide/issues/85) for more information and troubleshooting.
# Using Multiple Keys