-
Notifications
You must be signed in to change notification settings - Fork 93
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Is an ssh-agent contribution welcome? #160
Comments
The plan for agent support is that we first get plugin support (#99) finished and merged, and then the plugin protocol can be used to implement an agent, by having a short-lived agent plugin that calls out to the long-lived agent process. It should be possible to write an age plugin that literally just wraps |
I've also been looking at this and I'm not sure if the ssh-agent protocol allows age-compatible decryption, the one operation using private key it can perform is generating signatures, while (r)age need access to the raw private key, right? https://github.com/leighmcculloch/sshcrypt works around this by signing a challenge through ssh-agent and using the signature as the symmetric encryption key. |
Aah, darn. In that case, it will need to be part of an age-aware agent, but would still be implemented as a plugin. |
Without re-opening the issue, I am wondering if it is possible to implement a "re-use passphrase" feature in rage, e.g. by intercepting the passphrase and giving it again to further invocations of rage in some way? I would try to use |
An interesting finding would be to reuse existing infrastructure around |
I have an application where many files need to be decrypted and re-encrypted at the same time, and support for ssh-agent in decrypting password protected ssh keys would be really nice.
@str4d, are you open to a contribution that adds support for ssh-agent?
The text was updated successfully, but these errors were encountered: