7

I'm using my laptop's fingerprint reader to unlock the computer and for sudo.

I also use a GPG key with password to sign my git commits.

Is there a way to have the GPG key be unlocked with fingerprint?

Relevant System information:

  • Operating System: Fedora Linux 35
  • KDE Plasma Version: 5.23.4
  • KDE Frameworks Version: 5.89.0
  • Hardware: Frame.work laptop (batch 5)
Alireza

2 Answers

2

Although passwords can be used for both authentication and encryption, that does not hold true for all methods of authentication.

Decryption is reversing a transformation done based on some (secret) data, and the only way to do that is with the exact same data. Authentication, on the other hand, is verifying that the supplied piece of data (password / fingerprint / etc.) matches the one registered.

It can be determined that an image of a fingerprint is of the same finger as the one used to enroll, but the images won't be exactly the same. So if you would encrypt your GPG key with the data from a fingerprint image, you wouldn't be able to decrypt it using another image, even if we know it is of the same finger.
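The distinction drawn in the answer above, as an added Python example that is not part of the original answer: two scans of the same finger pass a fuzzy match, yet a key derived from one scan cannot open data sealed with a key derived from the other. The bit-vector "scans", the threshold, and the toy `seal`/`unseal` routines are constructed assumptions for illustration, not how any real fingerprint reader or GPG works.

```python
import hashlib
import hmac
import random

TEMPLATE_BITS = 256      # assumed size of a constructed feature vector
MATCH_THRESHOLD = 40     # assumed: max differing bits still accepted as the same finger

def scan(finger, noise_bits, seed):
    """Return a constructed 'scan': the finger's bits with a few flipped at random."""
    flipped = set(random.Random(seed).sample(range(TEMPLATE_BITS), noise_bits))
    return [b ^ (i in flipped) for i, b in enumerate(finger)]

def hamming(a, b):
    return sum(x != y for x, y in zip(a, b))

def authenticate(enrolled, probe):
    """Authentication: a fuzzy comparison against the registered template."""
    return hamming(enrolled, probe) <= MATCH_THRESHOLD

def derive_key(bits):
    """Key derivation needs exact input: one flipped bit changes the whole key."""
    return hashlib.sha256(bytes(bits)).digest()

def seal(key, secret):
    """Toy authenticated encryption (XOR keystream + HMAC tag), illustration only."""
    stream = hashlib.shake_256(key).digest(len(secret))
    ct = bytes(s ^ k for s, k in zip(secret, stream))
    return ct, hmac.new(key, ct, hashlib.sha256).digest()

def unseal(key, ct, tag):
    """Return the plaintext, or None when the key is not the one used to seal."""
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        return None
    stream = hashlib.shake_256(key).digest(len(ct))
    return bytes(c ^ k for c, k in zip(ct, stream))

_rng = random.Random(1)
FINGER = [_rng.randrange(2) for _ in range(TEMPLATE_BITS)]   # constructed "true" finger
OTHER = [_rng.randrange(2) for _ in range(TEMPLATE_BITS)]    # constructed different finger
ENROLLED = scan(FINGER, 10, seed=2)   # scan taken at enrollment
LATER = scan(FINGER, 10, seed=3)      # later scan of the same finger
CT, TAG = seal(derive_key(ENROLLED), b"constructed GPG passphrase")

if __name__ == "__main__":
    print("same finger accepted:", authenticate(ENROLLED, LATER))
    print("other finger accepted:", authenticate(ENROLLED, scan(OTHER, 10, seed=4)))
    print("unseal with later scan:", unseal(derive_key(LATER), CT, TAG))
    print("unseal with enrolled scan:", unseal(derive_key(ENROLLED), CT, TAG))
```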

1

While I can't provide suggestions for specific software, since I don't know it, by thinking about it for a couple of minutes I could think of two (2) ways this could work:

  1. Your GPG key is encrypted using a TPM and you use your fingerprint for authentication, through appropriate software, to somehow "ask" the TPM to decrypt the key.

  2. Use the password to decrypt the key the first time it is decrypted and then it remains in protected memory controlled by an Agent/software. The Agent/software verifies your fingerprint for subsequent authorizations for the key to be used.

ARGYROU MINAS