Install the SSH/PGP Agent app on your Ledger device to sign encrypted messages through GNU Privacy Guard (GnuPG). This app is for developers that are proficient in using OpenPGP. It becomes available in My Ledger if Developer mode is activated in Settings > General.
The private keys used are not generated by the recovery phrase set up on the Ledger device. Carefully back them up by yourself. An experimental add-on can generate the PGP keys from the recovery phrase, although it is not fully tested.
Before you start
- Set up Ledger Live with your Ledger device.
- Update the firmware on your Ledger hardware wallet.
Install the OpenPGP app
- Go to Settings > Experimental features in Ledger Live.
- Enable Developer mode.
- Open My Ledger.
- Connect and unlock your device.
- If asked, allow My Ledger to access your device.
- Find OpenPGP in the app catalog.
- Click the Install button of the app.
- An installation window appears.
- Your device will display Processing...
- The app installation is confirmed.
OpenPGP
- Get GnuPG to manage your keys.
- Check the developer documentation on GitHub to learn how to set up and use OpenPGP.
Windows Agent for PuTTy
- Clone the repo: https://github.com/Falsen/ledger-app-ssh-agent
- Run run.bat from the cloned repo.
- Open the SSH/PGP app on your Ledger device.
- Confirm the public key export on your Ledger device.
- Start PuTTy, enter your IP address.
- Under Connection > Data, enter your username.
- Under Connection > SSH > Auth, check Allow agent forwarding.
- Save this profile and you're all set! When logging in you can authenticate with your Ledger device.
- To get the Public key, right-click the Ledger icon in the lower right-hand corner to find the Get public key option. Once you confirm on the device, the public key will be in your clipboard.
run.bat must run at all times. The Ledger icon in the corner confirms that it's working.