Project

knife-ssh-agent

0.0
No commit activity in last 3 years
No release in over 3 years
knife-ssh-agentcriteo/knife-ssh-agentHomepageDocumentationSource CodeBug Tracker
Authenticate to a chef server using a SSH agent.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
2,405
Stars
2
Forks
2
Watchers
9
 Releases
Current version
0.1
Total releases
1
First release
2017-12-08
Latest release
2017-12-08
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2017-12-08
Reverse Dependencies
0

 Dependencies

Development

bundler
>= 1.0
rake
>= 0
rubocop
>= 0

Runtime

chef
>= 0
net-ssh
>= 4.2
 Project Readme

knife-ssh-agent

Authenticate to a chef server using a SSH agent.

Compatibility

This only works with RSA keys, as it is the only kind supported by chef. Non RSA keys listed by the agent will be ignore.

The SSH agent must be compatbile with SHA-256 as the hash function for the RSASSA-PKCS1-v1_5 signature (see draft-rsa-dsa-sha2-256-03.txt).

  • OpenSSH is compatible since version 7.2
  • GNOME keyring is not compatible

Usage

The following configuration options must be set in your knife.rb

knife[:use_ssh_agent] = true
authentication_protocol_version '1.3'

Version 1.3 of the authentication protocol is required as it's the only one compatible with the signatures generated by the agent.

If your ssh-agent has multiple RSA identities, you can choose which one will be used to sign requets by adding this to your knife.rb

knife[:ssh_agent_identity] = '~/.ssh/chef-rsa-key' # .pub is optional

Otherwise, the first RSA identity listed by the agent will be used.