On Fri, Sep 08, 2023 at 08:10:44AM +0200, haaber wrote: > I tried to configure split-ssh according to the tutorial on qubes pages, > in its simple version (just agent, but no keepass integration). But now > ssh offers *all* my private keys to *all* servers, which is odd, but > more annoying, it usually breaks connections after 3 "false" public keys > ... > > Clearly, I did something wrong, but I do not understand well-enough what > I should change. Did some have/solve this problem already or have a > hint for me, please? Thank you! >
I dont think you did anything wrong. I think what you are looking for is something like my split-ssh-agent - This allows you to have multiple keys, allocated as you will between different agents on the ssh back-end. >From each calling qube, you specify (in policy) what agent should be called, and this is passed through to the ssh back-end to serve up the appropriate keys. You can find it at https://github.com/unman/qubes-ssh-agent or a packaged version for easy installation at https://qubes.3isec.org/tasks.html If you dont use it, it should give you one idea of how you might go on. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ZP3nIme3BRQK%2BktD%40thirdeyesecurity.org.
