Use SequelPro with OpenPGP cards like a YubiKey

The YubiKey is a great OpenGPG smart card compatible hardware device. I use my YubiKey to store my private GnuPG key and for authenticating SSH connections. A few applications, however, don’t work with the OpenGPG card and require a file containing the key per default; Sequel Pro is one of them.

Luckily I stumbled upon an older issue at GitHub with a neat workaround using Automator in macOS.

The Basics

Together with the latest GPG Suite for macOS, the configuration is not more complex than adding a line to your .bash_rc or .zshrc file:

export SSH_AUTH_SOCK=/Users/sbstjn/.gnupg/S.gpg-agent.ssh

This tells your SSH application to use the GPG Agent for any authentication requests. So when you run ssh user@host, a prompt will ask you for your smart card pin instead. Awesome!

Automator

Use Automator in macOS to create a new application and configure Automator to run a shell script containing the following lines:

source ~/.zshrc
/Applications/Sequel\ Pro.app/Contents/MacOS/Sequel\ Pro

Automator: Create Application

Automator: Run Shell Script

This post is mostly a reminder for my future self how to setup macOS, Sequel Pro, and a YubiKey to access MySQL databases using an SSH tunnel.