Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Oct 22 15:43
    romanz commented #338
  • Oct 22 15:43
    romanz closed #338
  • Oct 22 15:43

    romanz on master

    fix: linter fixes and added pyt… Merge branch 'feature/fix-conti… (compare)

  • Oct 22 15:42

    romanz on fix-ci

    fix: linter fixes and added pyt… Merge branch 'feature/fix-conti… (compare)

  • Oct 22 09:52
    romanz commented #332
  • Oct 22 09:52
    romanz commented #332
  • Oct 22 09:52
    romanz closed #336
  • Oct 22 09:52

    romanz on onlykey

    (compare)

  • Oct 22 09:52
    romanz closed #337
  • Oct 22 09:52

    romanz on master

    Move decompression into device.… Add OnlyKey support (compare)

  • Oct 21 17:44
    onlykey commented #337
  • Oct 21 17:42
    cr7pt0 commented #337
  • Oct 21 17:41
    cr7pt0 commented #337
  • Oct 15 22:42
    lhindir commented #337
  • Oct 14 23:06
    galuszkak opened #338
  • Oct 14 23:04
  • Oct 06 15:18
  • Oct 04 12:25
    joshuayoerger starred romanz/trezor-agent
  • Oct 02 21:00
    stepansnigirev starred romanz/trezor-agent
  • Oct 02 11:47
    romanz commented #88
matrixbot
@matrixbot
Antonio Yang I am Taiwaness, and use trezor and appreciate your works
JollyRoger Ohh wait up I see what happened, when we contacted RomanZ, we all contacted him through the same bridge.
JollyRoger I have a tiny bit of bad news for you on the keyserver front; the keyserver network may actually be in a very bad shape at this moment and prone to certificate flooding attacks; at this moment most Linux distributions and most modern versions of GPG have been patched to ignore third-party certifications.
JollyRoger Well, if they were downloaded from the Keyserver.
JollyRoger Right now, keys.openpgp.org/ is probably the best one to use in interim, since it's a validating keyserver.
JollyRoger So you might want to try to set your version of GPG to use that keyserver.
JollyRoger Just before you do --
JollyRoger Make sure you set an expiry date!
JollyRoger keys.openpgp.org doesn't respect revocations at this moment and will silently discard revocations.
Antonio Yang Got it, I will try to figure out this
matrixbot
@matrixbot
JollyRoger So make sure you set an expiry date and it should be relatively soon. Remember, you can always renew a PGP key, even if it's past the expiry date.
JollyRoger But if you have to revoke your keys, keys,openpgp.org for some reason has this bug that won't respect the revocation packet and will silently discard it.
JollyRoger They know about this bug at this moment but aren't sure when it will be fixed.
Antonio Yang Ic
Antonio Yang I want to build a key server, because that I want to help with some decentralized concept.
JollyRoger Oh wow.
Antonio Yang But I am not realy have experience to maintain that kind of server.
JollyRoger Yeah. Running any sort of service is going to be a lot of work, setting it up is just the tip of the iceberg.
JollyRoger I've never tried it. :(
matrixbot
@matrixbot
Antonio Yang I know the trezor agent can use to be a ssh key, and I will try it latter. If I encounter some problems, may I ask here?
JollyRoger Sure, either I or RomanZ can try to help you out.
JollyRoger It's like 5 Am in the morning for me so I have to go, but I have the following aliased... just a sec...
Antonio Yang Thank you.
Antonio Yang cya~~
Antonio Yang I come from Taiwan, and it is 5 pm now. :)
Antonio Yang Nice to meet you.
JollyRoger Once you get trezor-agent installed, try out
trezor-agent --passphrase-entry-binary=/usr/bin/pinentry-gtk-2 -e=ed25519 [yourname@yourhost.com]
JollyRoger Then to connect, just add -c to the end of it.
Antonio Yang Cool, thanks.
JollyRoger so when I log into my server at jollyrogers.ca I just use trezor-agent --passphrase-entry-binary=/usr/bin/pinentry-gtk-2 -e=ed25519 -c peter@jollyrogers.ca
matrixbot
@matrixbot
JollyRoger If you don't use pinentry-gtk-2 then just ski --passphrase-entry-binary=/usr/bin/pinentry-gtk-2 -- you can either choose to enter it on the device or just enter it on the commandline.
JollyRoger Whoops:
JollyRoger ** correction: If you don't use pinentry-gtk-2 then just skip
JollyRoger For privacy, each time you enter a different address to ssh to, the output keys will change. So it'll produce you different keys for say peter@jollyrogers.ca and patrick@jollyrogers.ca
Antonio Yang Thank it is very helpful. If your need some documentation with traditional chinese or simplify chinese. Please feel free to let me know.
JollyRoger Wow! That's awesome!
JollyRoger I have to get running, nice to meet you too, see you soon!
JollyRoger Thanks to Roman Zeyde for his work ^_^.
Antonio Yang And I also am python and rust software developer, and willing to help
JollyRoger Oh wow, definitely talk to Roman Zeyde (Gitter) then!
matrixbot
@matrixbot
JollyRoger Alright, have a good day :)
Antonio Yang Have a nice day, cya~
matrixbot
@matrixbot

Antonio Yang > <@JollyRoger:matrix.org> If you don't use pinentry-gtk-2 then just ski --passphrase-entry-binary=/usr/bin/pinentry-gtk-2 -- you can either choose to enter it on the device or just enter it on the commandline.

This is cool, but how can I pass the public key to my server. I have tried trezor-agent --passphrase-entry-binary=/usr/bin/pinentry-gtk-2 -e=ed25519 -s zsh then ssh-add -L to get the public key.

Antonio Yang I want not only ssh with trezor but only with trezor to my remote server, so I want to copy the public key on to my server. Give me some hint, I will try to write a similar feature as ssh-copy-id for trezor-agent. Thanks.
Roman Zeyde
@romanz
Hey folks!
Many thanks for the kind words :)
Please let me know if there is something missing from the documentation.
matrixbot
@matrixbot
Antonio Yang Thanks RomanZ. I watch the video and read the document. It is very detail, and I should look at this at first.
matrixbot
@matrixbot
JollyRoger Hey Roman, you have very good documentation! I have been hoping I can free up some time, I decided I would try to learn python since Java has been a difficult experience for me so far.

JollyRoger > <@yanganto:matrix.org> This is cool, but how can I pass the public key to my server. I have tried trezor-agent --passphrase-entry-binary=/usr/bin/pinentry-gtk-2 -e=ed25519 -s zsh then ssh-add -L to get the public key.

To pass the public key to your server you'll likely need to pipe the output of the command to generate the key to a .pub file and then use scp or rsync with a password... I currently have to do it through my out of band management stack if I have no keys set up.

matrixbot
@matrixbot
hpfr I have an OnlyKey and was planning to start using this agent once support is merged, anyone know if keys stay in the agent when the device is unplugged? Not sure how that works