On Fri, Sep 08, 2023 at 08:10:44AM +0200, haaber wrote:
> I tried to configure split-ssh according to the tutorial on qubes pages,
> in its simple version (just agent, but no keepass integration). But now
> ssh offers *all* my private keys to *all* servers, which is odd, but
> more annoying, it usually breaks connections after 3 "false" public keys
> ...
>
> Clearly, I did something wrong, but I do not understand well-enough what
> I should change. Did some have/solve this problem already or have a
> hint for me, please? Thank you!
>
I dont think you did anything wrong.
I think what you are looking for is something like my split-ssh-agent -
This allows you to have multiple keys, allocated as you will between different
agents on the ssh back-end.
>From each calling qube, you specify (in policy) what agent should be
called, and this is passed through to the ssh back-end to serve up the
appropriate keys.
You can find it at https://github.com/unman/qubes-ssh-agent or a
packaged version for easy installation at https://qubes.3isec.org/tasks.html
If you dont use it, it should give you one idea of how you might go on.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/ZP3nIme3BRQK%2BktD%40thirdeyesecurity.org.