
Allow groups of users to securely authenticate via a shared ssh agent. Mirror from https://gerrit.wikimedia.org/g/operations/software/keyholder - our actual code is hosted with Gerrit (please see https://www.mediawiki.org/wiki/Developer_access for contributing)

wikimedia/operations-software-keyholder

Keyholder

keyholder provides a means of allowing a group of trusted users to use a shared SSH identity without exposing the identity's private key.

By default, the agent binds its socket at this address:

/run/keyholder/agent.sock (0666)

Before the shared SSH agent can be used, it must be armed by a user with access to the private key. This can be done by running:

$ /usr/sbin/keyholder arm

Users in the trusted group can use the shared agent by running:

$ SSH_AUTH_SOCK=/run/keyholder/agent.sock ssh remote-host ...
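
A preflight check for the two steps above, as an added example that is not part of keyholder itself: it confirms the socket exists and that the agent lists at least one identity before invoking ssh. The names `check_agent`, `shared_ssh` and `KEYHOLDER_SOCK` are hypothetical, and it assumes the shared agent answers the identity-list request that `ssh-add -l` sends.

```shell
#!/bin/sh
# Added example, not part of keyholder. KEYHOLDER_SOCK, check_agent and
# shared_ssh are hypothetical names; the default path is the README's.
KEYHOLDER_SOCK="${KEYHOLDER_SOCK:-/run/keyholder/agent.sock}"

# check_agent SOCKET -> exit status:
#   0  agent reachable and listing at least one identity (armed)
#   1  agent reachable but listing no identities (e.g. not yet armed)
#   2  socket exists but the agent could not be contacted
#   3  path is missing or is not a Unix socket
#   4  ssh-add is not installed
# Assumes the shared agent answers the identity-list request of ssh-add -l.
check_agent() {
    [ -S "$1" ] || return 3
    command -v ssh-add >/dev/null 2>&1 || return 4
    # ssh-add(1): exit 0 on success, 1 if the command fails (no identities),
    # 2 if the agent cannot be contacted.
    SSH_AUTH_SOCK="$1" ssh-add -l >/dev/null 2>&1
}

# shared_ssh ARGS... -> run ssh through the shared agent only if it is usable.
shared_ssh() {
    rc=0
    check_agent "$KEYHOLDER_SOCK" || rc=$?
    case "$rc" in
        0) SSH_AUTH_SOCK="$KEYHOLDER_SOCK" ssh "$@"; return $? ;;
        1) echo "agent has no identities; a key holder must run: /usr/sbin/keyholder arm" >&2 ;;
        2) echo "cannot contact agent at $KEYHOLDER_SOCK" >&2 ;;
        3) echo "$KEYHOLDER_SOCK is missing or not a socket" >&2 ;;
        4) echo "ssh-add not found in PATH" >&2 ;;
        *) echo "unexpected ssh-add status $rc" >&2 ;;
    esac
    return "$rc"
}
```

Source the file and call `shared_ssh remote-host`; a non-zero status tells a deploy script why the shared identity was unavailable instead of letting ssh fall back to other authentication methods.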

License

Apache 2.0
