{"id":13546492,"url":"https://github.com/jcs/ssh-agent-card-prompt","last_synced_at":"2025-12-27T04:57:40.994Z","repository":{"id":66797893,"uuid":"215403274","full_name":"jcs/ssh-agent-card-prompt","owner":"jcs","description":"A prompt for ssh-agent(1) when your Yubikey needs poking","archived":false,"fork":false,"pushed_at":"2020-02-27T00:12:04.000Z","size":22,"stargazers_count":44,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-26T05:04:42.975Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"isc","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jcs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2019-10-15T21:51:46.000Z","updated_at":"2024-07-31T20:46:27.000Z","dependencies_parsed_at":"2023-03-04T18:15:46.058Z","dependency_job_id":null,"html_url":"https://github.com/jcs/ssh-agent-card-prompt","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcs%2Fssh-agent-card-prompt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcs%2Fssh-agent-card-prompt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcs%2Fssh-agent-card-prompt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcs%2Fssh-agent-card-prompt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jcs","download_url":"https://codeload.github.com/jcs/ssh-agent-card-prompt/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246869687,"owners_count":20847176,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T12:00:38.871Z","updated_at":"2025-12-27T04:57:40.987Z","avatar_url":"https://github.com/jcs.png","language":"C","funding_links":[],"categories":["C"],"sub_categories":[],"readme":"# ssh-agent-card-prompt\n\n![https://jcs.org/images/ssh-agent-card-prompt.png](https://jcs.org/images/ssh-agent-card-prompt.png)\n\n**ssh-agent-card-prompt** -\nprompt the user when SSH key signing requests to an\nssh-agent(1)\nrequire tapping a physical security key (such as a YubiKey)\n\n# SYNOPSIS\n\n**ssh-agent-card-prompt**\n\\[**-d**]\n\\[**-p**\u0026nbsp;*prompt*]\n\n# DESCRIPTION\n\nOn startup,\n**ssh-agent-card-prompt**\nmoves the current\nssh-agent(1)\nsocket (as set in the\n`SSH_AUTH_SOCK`\nenvironment variable) to a temporary location and creates a new socket at the\nlocation pointed to by that variable.\n\nWhen an SSH client connects,\n**ssh-agent-card-prompt**\nconnects to the original\nssh-agent(1)\nprocess and proxies requests and responses between the two.\n\nAfter\n**ssh-agent-card-prompt**\ndetects and forwards an SSH\\_AGENTC\\_SIGN\\_REQUEST message that appears to be for\na PKCS key,\nssh-agent(1)\nwill block while waiting for the security key to be tapped and respond to the\nrequest.\nAt that point,\n**ssh-agent-card-prompt**\nwill present a modal X11 window with the\n*prompt*\ntext and information about the process that is making the agent connection,\nreminding the user to tap the key.\n\nIf the Escape key is pressed while presenting the dialog, the connections to\nthe client and ssh-agent are immediately dropped.\nIf the security key is tapped,\nssh-agent(1)\nwill send its response to\n**ssh-agent-card-prompt**\nwhich will then automatically close its X11 window.\n\nWhen\n**ssh-agent-card-prompt**\nexits, the original ssh-agent socket is moved back to the path pointed to by\nthe\n`SSH_AUTH_SOCK`\nvariable.\n\n# CONFIGURATION\n\nYour security key should be configured to require touch confirmation for this\nto be of any use.\n\nFor YubiKey keys, this can be done with\nyubico-piv-tool(1)\nby supplying\n**--touch-policy=always**\nwhen creating/importing keys.\n\n# OPTIONS\n\n**-d**\n\n\u003e Print debugging messages to the terminal.\n\u003e If specified twice, the contents of each message passed will be printed to the\n\u003e terminal.\n\n**-p** *prompt*\n\n\u003e The text presented to the user in the modal dialog.\n\u003e Defaults to \"Tap the security key to continue with signing request\".\n\n# SEE ALSO\n\nssh-agent(1)\n\n# AUTHORS\n\n**ssh-agent-card-prompt**\nwas written by\njoshua stein \u0026lt;[jcs@jcs.org](mailto:jcs@jcs.org)\u0026gt;.\n\nOpenBSD 6.6 - October 15, 2019\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjcs%2Fssh-agent-card-prompt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjcs%2Fssh-agent-card-prompt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjcs%2Fssh-agent-card-prompt/lists"}