Support SSH CA generation #493

Merged: 2 commits, Nov 29, 2024

Commits on Nov 23, 2024

  1. Parse SSH identity with spaces

    romanz committed Nov 23, 2024 (commit 87f7117)
  2. Support SSH CA generation

    Fixes #491.
    
    Usage example:
    
      ## generate TREZOR-based SSH CA public key
      $ trezor-agent -v 'SSH Certificate Authority' > /etc/ssh/trezor-ca.pub
      $ echo 'TrustedUserCAKeys /etc/ssh/trezor-ca.pub' | sudo tee -a /etc/ssh/sshd_config
      $ sudo systemctl restart ssh
    
      ## generate user-specific SSH key and certify it using trezor-agent
      $ ssh-keygen -t ed25519 -f user-key
      $ trezor-agent -v 'SSH Certificate Authority' -- \
          ssh-keygen -Us trezor-ca.pub -V '+10m' -I user-id -n user user-key.pub
      ...
      Signed user key user-key-cert.pub: id "user-id" serial 0 for user valid from 2024-11-23T20:25:00 to 2024-11-23T20:36:27
    
      ## use the certificate to log in
      $ ssh -v user@localhost -o CertificateFile=user-key-cert.pub -i user-key
      ...
      debug1: Will attempt key: user-key-cert.pub ED25519-CERT SHA256:xdbgtQmUs5tUNf04f4Y3oQl5LGdBAMVjCH63R6EHH5Y explicit
      debug1: Will attempt key: user-key ED25519 SHA256:xdbgtQmUs5tUNf04f4Y3oQl5LGdBAMVjCH63R6EHH5Y explicit
      ...
      debug1: Offering public key: user-key-cert.pub ED25519-CERT SHA256:xdbgtQmUs5tUNf04f4Y3oQl5LGdBAMVjCH63R6EHH5Y explicit
      debug1: Server accepts key: user-key-cert.pub ED25519-CERT SHA256:xdbgtQmUs5tUNf04f4Y3oQl5LGdBAMVjCH63R6EHH5Y explicit
      Authenticated to localhost ([::1]:22) using "publickey".
      ...
    romanz committed Nov 23, 2024 (commit f1fe7b5)
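
An added example (not part of this pull request or of trezor-agent): a Python check that decodes an issued `*-cert.pub` file and reports whether it names the expected CA key, is short-lived like the `-V '+10m'` certificate in the usage example, and lists only expected principals. It assumes an Ed25519 user certificate; the function names and `sample_cert` (which builds constructed, unsigned input) are illustrative, and the check does not verify the CA signature, which sshd does at login.

```python
import base64
import struct

CERT_TYPE = b"ssh-ed25519-cert-v01@openssh.com"
FIELDS = [("nonce", "s"), ("pubkey", "s"), ("serial", "Q"), ("type", "I"), ("key_id", "s"),
          ("principals", "s"), ("valid_after", "Q"), ("valid_before", "Q"), ("options", "s"),
          ("extensions", "s"), ("reserved", "s"), ("ca_key", "s"), ("signature", "s")]

def take_string(buf, off):  # read one SSH string: uint32 length, then that many bytes
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("truncated certificate")
    return buf[off + 4:off + 4 + n], off + 4 + n

def put_string(data):
    return struct.pack(">I", len(data)) + data

def parse_cert(line):
    """Decode one *-cert.pub line; FIELDS follows OpenSSH PROTOCOL.certkeys ("s" = string)."""
    blob = base64.b64decode(line.split()[1])
    kind, off = take_string(blob, 0)
    if kind != CERT_TYPE:
        raise ValueError("not an ed25519 certificate")
    cert = {}
    for name, fmt in FIELDS:
        if fmt == "s":
            cert[name], off = take_string(blob, off)
        else:
            (cert[name],) = struct.unpack_from(">" + fmt, blob, off)
            off += struct.calcsize(">" + fmt)
    packed, pos, cert["principals"] = cert["principals"], 0, []
    while pos < len(packed):  # principals are SSH strings packed inside one string
        name, pos = take_string(packed, pos)
        cert["principals"].append(name.decode())
    return cert

def audit(cert, ca_pub_line, max_lifetime, allowed):
    """Return policy findings; an empty list means the certificate fits the policy."""
    checks = [(cert["ca_key"] != base64.b64decode(ca_pub_line.split()[1]), "unexpected CA key"),
              (cert["valid_before"] - cert["valid_after"] > max_lifetime, "validity too long"),
              (not cert["principals"], "no principals listed"),
              (not set(cert["principals"]) <= set(allowed), "unexpected principal")]
    return [msg for failed, msg in checks if failed]

def sample_cert(**over):  # constructed input: correct layout, dummy keys and signature
    body = put_string(CERT_TYPE)
    for name, fmt in FIELDS:
        value = over.get(name, b"" if fmt == "s" else 0)
        body += put_string(value) if fmt == "s" else struct.pack(">" + fmt, value)
    return CERT_TYPE.decode() + " " + base64.b64encode(body).decode() + " user-key"
```

For the files from the usage example, `audit(parse_cert(open("user-key-cert.pub").read()), open("trezor-ca.pub").read(), 900, {"user"})` should return an empty list; the 900-second limit is an assumed policy value.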