trustcrypto/onlykey-agent

Feature request: allow unattended ssh connection until a command has finished

Opened this issue · 2 comments

Trying to use onlykey-agent with ansible to manage multiple hosts in parallel or even serially:
the agent requires a PIN challenge for each host, thus making mass ssh impossible.

I suggest adding a feature to "unlock the ssh key" until a command has ended:

```
onlykey-agent identity@host --unlock-until-finished -- ansible-playbook play.yml
Enter the 3 digit challenge code on OnlyKey to authorize identity@host
..
ansible runs via  ssh on host1
ansible runs via  ssh on host2
...
```

Basically, this means having to enter the challenge once per command, not per host.

@euidzero You can disable the PIN challenge and only require pressing the button on the device - https://docs.crp.to/onlykey-agent.html#setting-derived-key-user-input-mode

This is currently required for GnuPG, as there isn't a way to display the challenge PIN.