Trusted Key SSH Agent
Switch branches/tags
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
scripts
systemd
vendor/src/golang.org/x
.gitignore
.gitmodules
.travis.yml
COPYING
Makefile
README.org
agent.go
conf.go
conf.json
config.go
enroll.go
http.go
main.go
notify.go
proxy-agent.go
shell.nix
systemd.go
systemd_linux.go
tk-agent.go
tk-signer.go
utils.go

README.org

Trusted Key SSH Agent

https://travis-ci.org/trustedkey/tk-ssh-agent.svg?branch=master

SSH Agent utilizing the Trusted Key mobile App

For more information go to ssh.trustedkey.com

Blockchain integration

Together with the optional server-side service tk-ssh-authkeys can leverage the Ethereum based Trusted Key blockchain for self-serve key revocation and recovery.

Installation

Debian/Ubuntu

Add to /etc/apt/sources.list file:

deb [arch=amd64] https://deb.trustedkey.com/ /

Install the tk-ssh-agent:

apt-key adv --keyserver keyserver.ubuntu.com --recv-keys ECF25D3C6EFE67F3C507613210FEB5D9B9357BB5
apt-get update
apt-get install tk-ssh-agent

Use the systemd socket activated service

tk-ssh-agent enroll --email <youremail@example.com>
export SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/tk-ssh-auth.sock
ssh username@host

Windows/WSL

SSH agents only work in the context of Cygwin, Git for Windows or WSL.

Add to /etc/apt/sources.list file:

deb [arch=amd64] https://deb.trustedkey.com/ /

Install the tk-ssh-agent:

apt-key adv --keyserver keyserver.ubuntu.com --recv-keys FA75289B489AE1A51BCA18ABED58F95069B004F5
apt-get update
apt-get install tk-ssh-agent

Tie the tk-ssh-agent to your Trusted Key Mobile App:

tk-ssh-agent enroll --email <youremail@example.com>  # use email you registered with Trusted Key App
Verify enrollment with Trusted Key App

Scripted Operation

Put this in your ~/.profile:

pgrep 'tk-ssh-agent' > /dev/null || (rm -f /tmp/tk-ssh-auth.sock && tk-ssh-agent agent --quiet &)
export SSH_AUTH_SOCK="/tmp/tk-ssh-auth.sock"
ssh-add

Manual Operation

tk-ssh-agent agent  # Runs the agent, will block your terminal
export SSH_AUTH_SOCK='/tmp/tk-ssh-auth.sock'

Redhat/Fedora

Add the following to /etc/yum.repos.d/trustedkey.repo

[trustedkey]
name=Trusted Key repository
baseurl=https://rpm.trustedkey.com/
enabled=1
gpgcheck=1
gpgkey=https://keyserver.ubuntu.com/pks/lookup?op=get&fingerprint=on&options=mr&search=0x10FEB5D9B9357BB5
yum install tk-ssh-agent

Tie the tk-ssh-agent to your Trusted Key Mobile App:

tk-ssh-agent enroll --email <youremail@example.com>  # use email you registered with Trusted Key App
Verify enrollment with Trusted Key App

From source

Install Golang

This is operating systems dependent, use a package manager like apt-get or brew. Golang 1.7 or newer is required.

Compile

Make sure you’ve cloned the repo with --recursive or git submodule update.

make
make install

Other Repositories

NixOS

Use the Trusted key nixpkgs overlay

Mac OSX

Use the Trusted Key homebrew tap