I followed the official instructions here but generated brainpool512 keys instead of RSA. Everything went fine, and I imported the key on a Debian 9 system. Now, when I wanted to export/convert the key to openssh format I get the following output from gpg 2.1.18:
gpg: export as ssh key failed: Unknown elliptic curve
I upgraded gpg to 2.2.10, but the error message remains the same.
please provide the command you used when the message arrived as well.
This seems to be a limitation of GnuPG. Could you ask at the GnuPG mailinglist or submit an issue ticket there?
Seems so, indeed. Actually, I wasn’t able to even generate them directly on card or locally
Thank you for the prompt replies! The coimmand I used was:
gpg --verbose --export-ssh-key firstname.lastname@example.org
Unfortunately, I don’t have the time right now to push this issue upstream, but since you could reproduce the failure I assume gnupg is not ready yet to be used with brainpool512 ECC for SSH logins, so I will have to fall back to something more mature.
A small note for future visitors:
As mentioned here SSH only support the following curves
Thus, gnupg only allows ssh key export of these listed above as well.