Install the pre-requisites:
Configure SSH Key and Git Integration With Windows 10 Native Way (Thanks to this DevGenius blog).
In an administrative PowerShell prompt:
# Let gpg-agent answer PuTTY/Pageant and SSH agent requests
Add-Content $env:APPDATA\gnupg\gpg-agent.conf "enable-putty-support"
Add-Content $env:APPDATA\gnupg\gpg-agent.conf "enable-ssh-support"
# Troubleshooting: maximum-verbosity scdaemon logging, written to scdaemon.log
Add-Content $env:APPDATA\gnupg\scdaemon.conf "debug-level guru"
Add-Content $env:APPDATA\gnupg\scdaemon.conf "log-file scdaemon.log"
# Point scdaemon at the YubiKey reader
Add-Content $env:APPDATA\gnupg\scdaemon.conf "reader-port Yubico Yubi"
Add-Content $env:APPDATA\gnupg\gnupg.conf "charset utf-8"
# Install the Windows OpenSSH client capability
$OpenSSHClient = Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH.Client*'
Add-WindowsCapability -Online -Name $OpenSSHClient.Name
# Start ssh-agent now and on every boot
$SSHAgentSvc = Get-Service -Name 'ssh-agent'
Set-Service -Name $SSHAgentSvc.Name -StartupType Automatic
Start-Service -Name $SSHAgentSvc.Name
In your normal user PowerShell prompt:
ssh-keygen # only if you don't already have an SSH key
ssh-add
In your WSL shell (thanks to Jaroslav Živný's blog articles):
sudo apt install socat
mkdir -p ~/.ssh
wget https://github.com/BlackReloaded/wsl2-ssh-pageant/releases/download/v1.2.0/wsl2-ssh-pageant.exe -O ~/.ssh/wsl2-ssh-pageant.exe
chmod +x ~/.ssh/wsl2-ssh-pageant.exe
Copy this into a script that will be run at session startup, ~/.gpg4wsl:
# SSH Socket
# Remove the Linux SSH socket and replace it with a link to the wsl2-ssh-pageant socket
export SSH_AUTH_SOCK="$HOME/.ssh/agent.sock"
# Only start the relay if nothing is listening on the socket yet
if ! ss -a | grep -q "$SSH_AUTH_SOCK"; then
    rm -f "$SSH_AUTH_SOCK"
    setsid nohup socat "UNIX-LISTEN:$SSH_AUTH_SOCK,fork" "EXEC:$HOME/.ssh/wsl2-ssh-pageant.exe" &>/dev/null &
fi
# GPG Socket
# Remove the Linux GPG agent socket and replace it with a link to the wsl2-ssh-pageant GPG socket
export GPG_AGENT_SOCK="$HOME/.gnupg/S.gpg-agent"
# Only start the relay if nothing is listening on the socket yet
if ! ss -a | grep -q "$GPG_AGENT_SOCK"; then
    rm -rf "$GPG_AGENT_SOCK"
    setsid nohup socat "UNIX-LISTEN:$GPG_AGENT_SOCK,fork" EXEC:"$HOME/.ssh/wsl2-ssh-pageant.exe --gpg S.gpg-agent" &>/dev/null &
fi
Add this to the end of your ~/.bashrc or ~/.zshrc script, or wherever you want to auto-run the script from:
source ~/.gpg4wsl
Back on the host PC, restart WSL:
wsl.exe --shutdown
The next time you start a WSL session, you should be able to get some info out of gpg --card-status.
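
The relay started by ~/.gpg4wsl gives any process that can connect to its sockets access to the Windows agent, and the relay binary was downloaded without an integrity check. As an added example (not from the original page or the wsl2-ssh-pageant project), these checks can run before the socat lines; the function names and the PINNED_SHA256 placeholder are assumptions, and the digest must be one you have verified yourself.

```bash
#!/usr/bin/env bash
# Added example, not from the original page. Function names are hypothetical.
# PINNED_SHA256 is a placeholder: set it to a digest you have verified yourself.
PINNED_SHA256="${PINNED_SHA256:-REPLACE_WITH_VERIFIED_SHA256}"

# Return 0 only if FILE exists and its SHA-256 equals EXPECTED (lowercase hex).
relay_hash_ok() {
    local file=$1 expected=$2 actual
    [ -f "$file" ] || return 1
    actual=$(sha256sum "$file" | cut -d' ' -f1)
    [ "$actual" = "$expected" ]
}

# Return 0 only if DIR exists, is owned by the current user, and grants no
# permissions to group or other (for example mode 700).
dir_private() {
    local dir=$1 mode
    [ -d "$dir" ] && [ -O "$dir" ] || return 1
    mode=$(stat -c '%a' "$dir")
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# preflight RELAY SOCKET...: run both checks; non-zero if any of them fails.
preflight() {
    local relay=$1 rc=0 sock dir
    shift
    if ! relay_hash_ok "$relay" "$PINNED_SHA256"; then
        echo "relay binary does not match pinned SHA-256: $relay" >&2
        rc=1
    fi
    for sock in "$@"; do
        dir=$(dirname "$sock")
        if ! dir_private "$dir"; then
            echo "socket directory is not private to this user: $dir" >&2
            rc=1
        fi
    done
    return $rc
}

# Usage inside ~/.gpg4wsl, before the socat lines:
#   preflight "$HOME/.ssh/wsl2-ssh-pageant.exe" \
#       "$HOME/.ssh/agent.sock" "$HOME/.gnupg/S.gpg-agent" || return 1
```

If the directory check fails, chmod 700 on ~/.ssh and ~/.gnupg restores the expected mode.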