This post is older than a year. Consider some information might not be accurate anymore.
For the SSH Authentication the gpgsm
package is needed, because we need “scdaemon” = smartcard-daemon
sudo apt-get install gpgsm
gpg-agent is needed because it is the only possibility to use a authentication subkey directly from the smartcard
sudo apt-get install gnupg-agent
deactivate gnome-keyring-daemon ssh-agent dropin-replacement, we want only gpg-agent
gconftool-2 --type bool --set /apps/gnome-keyring/daemon-components/ssh false
configure gpg to use agent (only for smartcard)
echo "use-agent" >> ~/.gnupg/gpg.conf
enable ssh-agent drop in replacement support for gpg-agent
echo "enable-ssh-support" >> ~/.gnupg/gpg-agent.conf
secure gnupg homedir
chmod -R go-rwx ~/.gnupg
update authorized keys file replace “766C78D0” with your authentication subkey-id from before add key to remote host (it’s the first key under the public key or the other public key)
gpgkey2ssh 766C78D0 | ssh root@krios "cat - >> ~/.ssh/authorized_keys"
My authentication key from GnuPG smart card
gpgkey2ssh F981E710 | ssh root@persephone "cat - >> ~/.ssh/authorized_keys"