Installed GitHub - unman/qubes-ssh-agent manually.
Sadly the readme seems to be outdated and some instructions are unclear.
Moved the repo to dom0 under /srv/salt.
Did: sudo qubesctl state.apply qubes-ssh-agent.create
Then: sudo qubesctl --skip-dom0 --targets=template-ssh-agent state.apply qubes-ssh-agent.configure_template
Then: sudo qubesctl --skip-dom0 --targets=sys-ssh-agent state.apply qubes-ssh-agent.configure
This is the policy under /etc/qubes/policy.d/50-config-splitssh.policy
qubes.SshAgent +work @anyvm @anyvm ask default_target=sys-ssh-agent
qubes.SshAgent +test @anyvm @anyvm ask default_target=sys-ssh-agent
qubes.SshAgent * @anyvm @anyvm deny
So I created a passwordless sshkey moved it to sys-ssh-agent under ~/keys and created a new “test.service” with the “Configure-new-ssh-agent.sh” script.
If I do ssh-add -L in the “test” VM I get prompet for confirmation and the output The agent has no identities.
How can I sign a message like this help | ssh-keygen -Y sign -n gitea
How can I specify the ssh key I want to access like for accessing a git server or signing commits? git config --global user.signingKey
If I understand correctly the ~/.ssh/config should be in the sys-ssh-agent and thats how you can easily ssh into other servers? But what about the above ?
Can’t figure it out pls send help.