jacobpascual/trezor-agent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update README-SSH.md

Browse Source
This commit is contained in:
Iskra Delta
2023-01-17 20:40:30 +00:00
committed by GitHub
parent d3817a4eec
commit 7c76bb4df7
1 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
doc/README-SSH.md
View File

@@ -238,19 +238,23 @@ openssh/openssh-portable@2a9c9f7
##### generate SSH public key ##### generate SSH public key
```
$ trezor-agent -e ed25519 git@github.com | tee ~/.ssh/trezor-github.pub $ trezor-agent -e ed25519 git@github.com | tee ~/.ssh/trezor-github.pub
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIvcbhXyaXXNytCLTDfEMlLuwEhtfo0XmPP1U5RsnOZ4 <ssh://git@github.com|ed25519> ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIvcbhXyaXXNytCLTDfEMlLuwEhtfo0XmPP1U5RsnOZ4 <ssh://git@github.com|ed25519>
```
##### sign the given file using TREZOR ##### sign the given file using TREZOR
```
$ trezor-agent -e ed25519 git@github.com -- ssh-keygen -Y sign -f ~/.ssh/trezor-github.pub -n file README.md $ trezor-agent -e ed25519 git@github.com -- ssh-keygen -Y sign -f ~/.ssh/trezor-github.pub -n file README.md
Signing file README.md Signing file README.md
Write signature to README.md.sig Write signature to README.md.sig
```
##### set allowed identities for verification (using the above public key) ##### set allowed identities for verification (using the above public key)
```
$ cat allowed $ cat allowed
git@github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIvcbhXyaXXNytCLTDfEMlLuwEhtfo0XmPP1U5RsnOZ4 <ssh://git@github.com|ed25519> git@github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIvcbhXyaXXNytCLTDfEMlLuwEhtfo0XmPP1U5RsnOZ4 <ssh://git@github.com|ed25519>
```
##### verify the above signature ##### verify the above signature
```
$ ssh-keygen -Y verify -f allowed -I git@github.com -n file -s README.md.sig -vvv < README.md $ ssh-keygen -Y verify -f allowed -I git@github.com -n file -s README.md.sig -vvv < README.md
debug1: sshsig_verify_fd: signature made with hash "sha512" debug1: sshsig_verify_fd: signature made with hash "sha512"
debug1: sshsig_wrap_verify: verify message length 64 debug1: sshsig_wrap_verify: verify message length 64
@@ -258,8 +262,7 @@ debug1: Valid (unverified) signature from key SHA256:6UBhPb5SOoCUfasGC1/aCBegYov
debug1: parse_principals_key_and_options: allowed:1: matched principal "git@github.com" debug1: parse_principals_key_and_options: allowed:1: matched principal "git@github.com"
debug1: allowed:1: matched key and principal debug1: allowed:1: matched key and principal
Good "file" signature for git@github.com with ED25519 key SHA256:6UBhPb5SOoCUfasGC1/aCBegYov0/P3ajd6eNbYg77A Good "file" signature for git@github.com with ED25519 key SHA256:6UBhPb5SOoCUfasGC1/aCBegYov0/P3ajd6eNbYg77A
# ```
## 4. Troubleshooting ## 4. Troubleshooting