{"id":20279351,"url":"https://github.com/simplito/ledger-ssh-add","last_synced_at":"2025-09-17T20:05:39.757Z","repository":{"id":89901833,"uuid":"198244518","full_name":"simplito/ledger-ssh-add","owner":"simplito","description":"ledger-ssh-add (authenticate once, use multiple times)","archived":false,"fork":false,"pushed_at":"2020-11-01T16:41:44.000Z","size":2,"stargazers_count":2,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-01-14T07:11:40.575Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/simplito.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-07-22T14:51:42.000Z","updated_at":"2025-01-04T16:16:22.000Z","dependencies_parsed_at":"2023-04-16T15:00:43.131Z","dependency_job_id":null,"html_url":"https://github.com/simplito/ledger-ssh-add","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simplito%2Fledger-ssh-add","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simplito%2Fledger-ssh-add/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simplito%2Fledger-ssh-add/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simplito%2Fledger-ssh-add/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/simplito","download_url":"https://codeload.github.com/simplito/ledger-ssh-add/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241773259,"owners_count":20018064,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-14T13:29:37.334Z","updated_at":"2025-09-17T20:05:34.685Z","avatar_url":"https://github.com/simplito.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ledger-ssh-add (authenticate once, use multiple times)\nIf you are a sysadmin and you are using your Ledger Nano device as your hardware ssh key (probably using [ledger_agent](https://pypi.org/project/ledger_agent/)) and you are tired of authorising every request using your device, then this tool is created for you.\n\nInstead of using dedicated ssh agent for signing every request using private key stored in your hardware device it instead uses your hardware device to derive the private key for given identity and uses the system default ssh agent to store it for specified amount of time.\n\nThat way you can use the key from any shell in the system for specified amount of time without the need of signing every action separately.\n\nWhen executed the tool adds the derived key to the default system ssh agent with given timeout and displays the public key which you should add to `.ssh/authorized_keys` on remote servers.\n\nAt any time you can remove the derived key from system ssh agent using:\n```bash\nssh-add -D\n```\n\n## Usage\n\n```\nusage: ledger-ssh-add [-h] [--timeout TIMEOUT] [--salt SALT] [--nopass]\n                      identity\n\npositional arguments:\n  identity           identity name for key derivation (e.g. user@host)\n\noptional arguments:\n  -h, --help         show this help message and exit\n  --timeout TIMEOUT  set lifetime (in seconds) when adding identities (default\n                     3600)\n  --salt SALT        extra salt for key derivation\n  --nopass           use empty password for key derivation\n```\n\n## Example\n\n```bash\n$ ledger-ssh-add example.com\nPassword:\necdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBAPCCcVGxehN7YCZg55EE2rssMGz1Fkc8/xdh5TV6bY1L3jDj2+zPOa5zXIMDLNFCVthmbhIYvpXTJkhTfxHaXzTiNuYrxyJCd8vqm8pDKi1kIZOMAPLIG3+qJ1KtsDzIA==\n```\n\n## Note\n\nIf you have problems with accessing your ledger nano device under Linux you should add proper udev rules using the `add_uder_rules.sh` script from [here](https://github.com/LedgerHQ/udev-rules).\n\n## External links\n1. [A Step by Step Guide to Securing your SSH Keys with the Ledger Nano S](https://thoughts.t37.net/a-step-by-step-guide-to-securing-your-ssh-keys-with-the-ledger-nano-s-92e58c64a005)\n2. https://github.com/LedgerHQ/ledger-app-ssh-agent\n3. https://github.com/romanz/trezor-agent\n4. https://github.com/LedgerHQ/udev-rules\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimplito%2Fledger-ssh-add","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsimplito%2Fledger-ssh-add","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimplito%2Fledger-ssh-add/lists"}