Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support 'cosign sign' with private keys handled by SSH agent #3941

Open
jas4711 opened this issue Nov 22, 2024 · 0 comments
Open

Support 'cosign sign' with private keys handled by SSH agent #3941

jas4711 opened this issue Nov 22, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@jas4711
Copy link

jas4711 commented Nov 22, 2024

Hi. It seems 'cosign sign' supports on-disk private keys and PKCS#11 tokens, PIV cards, AWS KMS, GCP KMS, Azure Key Vault, Hashicorp Vault. But there is one fairly common way to access private-keys that is missing: through a SSH agent socket.

Am I missing anything, or is support for signing via a SSH agent socket missing from cosign?

If so, please consider this a request to add support for it.

There is a bunch of SSH agents providing access to private keys held on OpenPGP cards, TPMs, etc that would then be accessible for use by Sigstore cosign.

Thanks,
/Simon
@jas4711 jas4711 added the enhancement New feature or request label Nov 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jas4711