This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
ssh agent support #7
Comments
|
Oh this is interesting. It's definitely too soon because age is not even stable yet, but I want to think about this when thinking about the agent strategy. I didn't know the ssh-agent protocol was so extensible. If it's a sane protocol we might even adopt it as the one age agent protocol. Might as well. |
|
Relevant post on the mailing list: https://groups.google.com/d/msg/age-dev/Xe6zW4haGx8/m_jYh7YTAgAJ |
|
ssh-agent support would also make it unnecessary to use something like |
|
Is there any plan to look at this before 1.0 release? |
|
This would also be helpful in the case someone encrypts a message to a GitHub user's SSH key. In my case I use a smart card with GPG for my SSH keys, so this ssh-agent support would make this usable in the first-place for my use-case. Also this means we can update the |
|
Note that since this is a non-standard ssh-agent extension, gpg-agent does not support it, so this does not unlock the capability of using keys on YubiKeys through it. This is a very interesting experiment, but I think we'll focus on native support for YubiKeys (both PIV and maybe even FIDO2 in symmetric mode) and on a dedicated agent (probably https://github.com/FiloSottile/yubikey-agent) which lets us support native age keys. |
|
I'm also interested in this feature. I keep my SSH keys in a keepassxc database, so I currently cannot use them with age. |
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
I've made a POC for ssh agent support by creating a ssh-agent which uses the ssh-agent extension mechanism. (this way we can keep our keys secure on our devices)
Is this something you would want to support (I can make a PR) or is this out of scope?
The text was updated successfully, but these errors were encountered: