Comments (7)
Oh this is interesting. It's definitely too soon because age is not even stable yet, but I want to think about this when thinking about the agent strategy. I didn't know the ssh-agent protocol was so extensible. If it's a sane protocol we might even adopt it as the one age agent protocol. Might as well.
from age.
Note that since this is a non-standard ssh-agent extension, gpg-agent does not support it, so this does not unlock the capability of using keys on YubiKeys through it.
This is a very interesting experiment, but I think we'll focus on native support for YubiKeys (both PIV and maybe even FIDO2 in symmetric mode) and on a dedicated agent (probably https://github.com/FiloSottile/yubikey-agent) which lets us support native age keys.
from age.
Relevant post on the mailing list: https://groups.google.com/d/msg/age-dev/Xe6zW4haGx8/m_jYh7YTAgAJ
from age.
ssh-agent support would also make it unnecessary to use something like go-piv
to use private keys stored on dedicated hardware that GnuPG already supports.
from age.
Is there any plan to look at this before 1.0 release?
from age.
This would also be helpful in the case someone encrypts a message to a GitHub user's SSH key.
In my case I use a smart card with GPG for my SSH keys, so this ssh-agent support would make this usable in the first-place for my use-case.
Also this means we can update the and that SSH keys held on YubiKeys can't be used to decrypt files.
note in the readme 🙂
from age.
I'm also interested in this feature. I keep my SSH keys in a keepassxc database, so I currently cannot use them with age.
from age.
Related Issues (20)
- Age terminates too soon on MacOS HOT 5
- Can this method be used to encrypt movie files? HOT 1
- report unexpected HOT 1
- age: error: failed to wrap key for recipient #0: test plugin: write |1: broken pipe HOT 16
- Plugin receives only one identity or recipient when there are multiple HOT 1
- failed to decrypt and authenticate payload chunk HOT 1
- Documentation bug in /README.md #encrypting-to-a-github-user HOT 2
- Support `sk-ssh` keys HOT 2
- brew install: not a tagged release HOT 1
- Specified SSH key is not eligible for claiming. Only RSA and Ed25519 keys are supported for proof generation. HOT 9
- Couldn't decrypt with that SSH key, please choose another one. HOT 1
- Couldn't decrypt with that SSH key, please choose another one. HOT 1
- Unable to claim the reward of 5000 token FLT HOT 1
- Unsupported SSH key type: ecdsa-sha2-nistp256 HOT 2
- Decryption does not create a file when data is empty HOT 1
- ssh connection to Github HOT 1
- I am the winner of the airdrop HOT 2
- unable to decrypt a proof with ssh key HOT 1
- Choco and scoop were unable to install age in windows
- Management of `Harvest Now, Decrypt Later` strategy and Post Quantum Safe Cryptography HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from age.