rich1.0Larvitz :fedora: :redhat: (npub1fj…jaq90)https://yabu.me/npub1fj6u59lnses9xu6xa6ewugrfg2e639lg32r24383525xq3deyuaspjaq90njumphttps://yabu.meI use the awesome openpgp-card-ssh-agent (https://codeberg.org/openpgp-card/ssh-agent) from nostr:npub18sqssxupnua6tcej3h0q63merrue6gr5qj095mygacr044l5d8qs0529ap to use physical OpenPGP Smartcards for SSH authentication. Sometimes, I want to use my OpenPGP card while working on a remote system. An incredibly useful feature for that is SSH forwarding in combination with the agents socket (sockets can be forwarded via SSH just like tcp ports): Socket location on my workstation: /run/user/1000/openpgp-card/ssh-agent.sock Socket location on the remote host: $HOME/.tmp/ssh-agent.sock 1. Connecting to the remote server and forwarding the socket: ssh -R /home/username/.tmp/ssh-agent.sock:/run/user/1000/openpgp-card/ssh-agent.sock remote-system.tld 2. Using the Socket on the remote system:: SSH_AUTH_SOCK=$HOME/.tmp/ssh-agent.sock ssh root@some-other-system.tld Warning: This exposes the socket of opengp-card-ssh-agent to the remote system. Anyone with the neccesary privileges can use the session and access your local Smartcard, too. Use this with caution! #linux #ssh