Sunday, February 23, 2025

macos – How to set up an SSH key with FIDO2 (ssh-askpass)

I am trying to set up SSH access using a hardware-backed security key, i.e. my private key is an ed25519-sk key requiring FIDO2 interaction with my YubiKey 5 series.

I am looking for a way to get an SSH agent working automatically that can be used by GUI apps, including GitKraken, and that will work with an ed25519-sk key. I believe the fundamental issue is that the ssh-agent hits an error while trying to interact with the FIDO2 device because it needs user interaction, and without an “ask pass” available, it can’t interact with the user.


There are plenty of blogs and instructions which either point to setting environment variables on the built-in ssh-agent, or disabling it entirely and replacing it with OpenSSH.

Apparently this whole technique no longer works (certainly not in macOS 15.3) because recent security hardening has made it impossible to change or disable the built-in ssh-agent.

Polite hint: If you know how to change the built-in agent’s behaviour, please test before answering, as recent security hardening may have changed the OS behaviour. Lots of articles on Google will be incorrect because of this.


What I can do is install an ssh-askpass via brew, install openssh with brew, and then in a shell set up an openssh ssh-agent configured to use ssh-askpass.

But that is only good for that shell. Other tools, including GitKraken, can’t find the ssh-agent, and I can’t find a way to point GUI tools at the ssh-agent started in the shell.

Really I am looking for an automatic solution, not one where I have to work through a litany of commands every session.


This is actually a very basic question for a narrow domain. Almost anyone using a FIDO2 device for SSH on macOS is likely to have hit this problem.

However, the signal/noise ratio on Google is currently very poor in this domain due to the overwhelming majority of blogs, how-to guides, etc. using a technique that no longer works as of a few months ago.

I am not looking for someone to google this for me; I am hoping someone with specific domain knowledge of the topic may already have an answer.


So in short I am simply looking for a way to get ssh-agent (built-in) to use an ask-pass program when it needs interaction from the user.
