SSH and GPG Keys

Stephen R Laniel steve at
Wed Jun 1 04:26:47 UTC 2005

On Tue, May 31, 2005 at 09:10:54PM -0700, Ed Fletcher wrote:
> I've set up ssh (and scp) and got it working through the firewall so I
> can access my server when I'm away from home.  But I'm not sure if it is
> using the GPG keys or if it is just giving me an encrypted tunnel
> protect my password.  I realize that everything is encrypted, but I'm
> hoping that using the GPG keys will make it that much more secure.
> Paranoid maybe, but the keys are there so I'd like to use them.

It's almost certainly not using your GPG keys. I, at least,
have never heard of such a thing. It's using whatever keys
you have in ~/.ssh/id* . If you don't have a ~/.ssh, I think
it falls back to your password ... yes, I just confirmed

The SSH private key is just as secure as the GPG key. The
only reason I can think of that it *wouldn't* be as secure
is if a lot of people had signed your GPG key. Then when
signing into a remote host, the host could check the
signature. It's a decent idea, but I've never seen it

Stephen R. Laniel
steve at
+(617) 308-5571
PGP key:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <>

More information about the ubuntu-users mailing list