Add forwarding for other agents running in the system, like gpg-agent #2
Comments
|
This would be a great solution to the "get locked out of servers which only have one ssh key" issue raised in #11 Which is actually an issue I face with certain servers I use. So holding off adoption of sekey until this feature is done. Looking forward to using this though, seems wicked! |
|
I've also seen that https://krypt.co are considering similar functionality too over at this issue Perhaps the solution here is to make an additional ssh agent, which is a generic one, that just allows one to specify an ordered list of other ssh agents to defer to. So that new generic ssh agent, would have a ordered list that says, first try the local ssh agent, then try sekey, then try kryptco. |
|
@balupton yes totally, I also use a yubikey for some other work reasons, the code for the forwarding will be push next week!. its almost done. |
|
Any idea if this will allow for chaining ssh-agents? I jump from my local machine to a server via another machine, but if I use sekey as my agent there's something broken along the way. |
|
it should work, im using in that way @nimish, as seen in other tickets im building a new version to debug, i will keep this open and upload the new version. (been with a lot of work so I didnt have time to build it). i will do tomorrow. |
|
Looking forward to it! |
|
There are other “frontend” ssh agent proxies out there. I would suggest using them for fancy setups and leave sekey for a rock solid backend implementation with touchid only. |
Would you please name few? |
|
Like https://github.com/tiwe-de/ssh-agent-filter. But following the unix philosophy, it would be great if sekey worked as a standalone agent accessing the SE, and other routing/filtering/selection would happen in a separate agent. |
Implement forwarding of messages to check if in other agents in the systems exist the key that we need.
The text was updated successfully, but these errors were encountered: