Add decryption agent functionality #63
Comments
|
A (r)age plugin that uses yubikey-agent is on the roadmap :) |
|
|
|
The changes are more than "inspired" by my code. |
|
I updated the relevant places with a copyright notice pointing to the source, the links in my first comments are updated accordingly. I'm sorry that I forgot the attribution to tv42 in these places. To my knowledge these three are all places where your work is used. @tv42 please let me know if you see more problems. This licensing jumble is not really nice in the code (there is also some code copied from age itself but that could potentially be resolved easily by the author of age). I want state it very clear here too that this is not like a MR but just in a "works for me" state. I'm not too eager to deal with license compatibility, copyright and such stuff. I'd rather retract the whole thing. |
|
Is there a repo we can checkout to assist or just keep track of the progress? |
I'm currently using the OpenPGP applet on my Yubikey for two things: SSH authentication and password decryption with pass. Given all the well-known UX issues with gpg and smart cards/hardware tokens, I would like to switch to yubikey-agent, (r)age & PIV. Most of the ecosystem is there or not hard to build (such as a pass clone that relies on age), but currently the two use cases authentication and decryption don't work well simultaneously due to the need for exclusive reader access.
A convenient feature of gpg that works around the "reader lock" issue is that it can work as an agent for both SSH auth and decryption. What are thoughts about adding decryption agent functionality to yubikey-agent, which could then be used by (r)age?
The text was updated successfully, but these errors were encountered: