Add ssh-agent (or equivalent) #81

Closed
joeshaw opened this issue Aug 16, 2016 · 40 comments
Labels
bug Bug that's either related to Blink Shell or prevents the user to use the app in normal conditions. feature Feature requested by users RTT Ready to test on Test Flight ssh SSH connection issues
Comments

joeshaw commented Aug 16, 2016

Blink 0.916.26

Having to type in your passphrase repeatedly is a pain. It'd be nice if Blink had some sort of equivalent to ssh-agent so I could unlock my keys once when first required (or after some timeout) and they'd be used for all subsequent requests.

joeshaw commented Aug 16, 2016

vaguely related to #58

@carloscabanero carloscabanero added feature Feature requested by users icebox labels Aug 16, 2016
@carloscabanero
Member

Agreed. Thinking about a way to make everything work together. Still haven't figured out a way to do TouchID that doesn't bother me. If you have any suggestions on what the experience would look like, please shoot :)

melo commented Nov 23, 2016

I think TouchID is great, but only for those who have it :)

I would appreciate if the ssh-agent-like functionality would not be tied up to TouchID. I don't have a problem typing my passphrase, but please make it only once, then keep the unencrypted key in memory, just like ssh-agent does.

You could ask the passphrase just before connecting to a host that uses a key that is not present in your agent.

edited: I'm also following #58, the discussion is longer there...

rcarmo commented Feb 23, 2017

Well, it's been a while, so I thought I'd bump this thread, for the following reasons:

  • it's VERY tedious to keep typing in my pass phrase on every connection
  • without agent forwarding, I can't check out git repos on the remote host

Both of these, put together, mean I can't currently use Blink effectively, so I've gone back to Prompt and am putting up with its slowness...

Blaok commented Apr 19, 2017

I would be strongly against storing the key in memory and prompting nothing when it is used, as ssh-agent does. I guess ssh-agent is designed for personal computers where access is restricted, instead of servers. The remote machine can be shared and someone else can ask for your key without your permission (at least that is my understanding, please let me know if that is not the case). Please at least ask for confirmation when the key stored in memory is requested, if this feature is added some day.

docwhat commented Jul 6, 2017

I think the correct way, in iOS 10+, is to use the keychain to store the keys in. Let the keychain unlock and provide the keys for you. Then you don’t have problems with keeping unlocked keys in memory, etc.

rcarmo commented Jul 6, 2017 via email

rcarmo commented Feb 15, 2018

I’m going to bump this, since it’s been open since 2016 and is still the main reason I can’t use Blink daily.

schelhorn commented Feb 18, 2018

Apparently, the mosh protocol does not support ssh-agent; the mosh people have therefore, after having been asked for support, built their own agent implementation, which is also supposed to be compatible with ssh and offers additional security features, as described in the research paper.

The implementation of the guardian-agent is located here. It's in Go, though, so I don't know what integration into iOS will look like. It seems to be the clearly superior solution from a technical point of view, though.

May I suggest that this implementation could serve as basis for the blink agent support?

@brandonshough

BUMP. :)

tmm1 commented Mar 4, 2018

The implementation of the guardian-agent is located here. It's in go, though, so I don't know how integration into iOS will look like.

FYI, you can use gomobile to generate obj-c bindings and a dylib for iOS.

@yury yury added the WIP Work In Progress label Sep 17, 2018
yury added a commit to yury/blink that referenced this issue Sep 18, 2018
prg3 commented Nov 1, 2018

I would disagree that this is done: @yury's work adds an agent to ssh connections, but doesn't deal with the Mosh connections at all. As @schelhorn mentions, guardian-agent appears to be the official Mosh-supported way to have agent-like functionality.

rcarmo commented Nov 3, 2018

Would be nice to have updated docs. The binaries are there, but without the niceties of a standard shell it’s tricky to set these up.

rcarmo commented May 22, 2019

How far along is this? I’ve been checking in every 6 months, and keep using Prompt because a) it understands agents and b) it stores the password for my private key.

Every time I fire up Blink after an update I keep bumping up against it not even saving the private key password (and no, logging in via a password to many servers is not feasible - some I don’t even have passwords for, just the key).

@brandonshough

Keep dreaming @rcarmo

yury commented May 22, 2019

Agents are working, just run ssh-agent in a separate tab and run ssh-agent.

Private key passwords are a rudimentary thing since we are storing keys in the Secure Enclave.

rcarmo commented May 22, 2019

Exactly why do I need to run ssh-agent on a separate tab? Last time I tried there was no documentation about that (only comments on issues here), and I would expect it to be integrated into options...

yury commented May 22, 2019

Agreed here, we need better integration.

rcarmo commented May 22, 2019

And docs. I’m trying ssh-agent right now, and ssh-add apparently does nothing (no idea where it’s looking for keys).

yury commented May 22, 2019

ssh-add <key_name>, like ssh-add id_rsa, or the path to your key in the file system.

rcarmo commented May 22, 2019

Thanks. Not having a default nor any output from the command when invoked without arguments made it hard to figure out.

Too bad this needs to be done every time I start the app, it’s quite kludgy.

yury commented May 22, 2019

Yep, agreed here too. That is why this issue is not closed yet.

rcarmo commented Jul 7, 2019

Any progress on this? I’ve just had another run in with ssh_agent and really wish this was seamless and only needed to be done once.

yury commented Jul 8, 2019

Not yet, sir.

rcarmo commented Nov 3, 2019

Hi there again. I was wondering what was the state of affairs here, since I tried Blink again and I still can’t seem to get ssh-agent to work seamlessly (sometimes not at all).

dakira commented Nov 3, 2019

@rcarmo This has been working flawlessly for me for a very long time. It would certainly be nice if it were easier to use (i.e. the agent running automatically and keys being added automatically) but it's really not that much of an inconvenience.

  1. run ssh-agent
  2. double-tap for new terminal
  3. run ssh-add id_rsa (or whatever your key is called)
  4. connect normally (i.e. ssh -A user@server).

As ctrl+R works, the setup takes seconds.

@carloscabanero
Member

The agent functionality was improved a few releases ago.

I agree maybe the agent could run in the background or prompt if you would like to store it within the agent every time, just for convenience. But reality is that for this to be secure, and considering how often iOS clears the app from the background, you will get prompted often anyway.

Having a passphrase for your key on Blink is less necessary as keys are kept within the Secure Enclave anyway, which is already an encrypted area. So you may be better just getting rid of it.

If you may still need it for some reason, it would help to know exactly what isn’t working, other than the UI. Is there anything different when it works and when it doesn’t? What type of key is it? What type of encoding and encryption?

The agent has been considered to work for a long time, we have even started to add support for hardware keys to it. We definitely want to make it better, and for the UI we added some stuff in this Blink 13 so we can finally finish the implementation. But the UI won’t be enough with the “sometimes it works and sometimes doesn’t”.

rcarmo commented Nov 4, 2019

Hi there. I very strongly disagree that it would be OK to get rid of the private key passphrase - I do not want any of my private keys to be potentially unguarded on any system, regardless of where they are stored, and favor explicit unlocking of them.

And yes, the UI is the matter here, since manually starting an agent every time I open Blink (which, incidentally, currently gets killed randomly by iOS 13.2 every time it goes to the background) is untenable (even if 13.2 gets fixed).

The agent does work, except for agent forwarding (for some reason it has never really worked for me, whereas Panic's Prompt "just works").

But I really want to use Blink, and would prefer the experience be as seamless as possible - i.e., that the agent be started in the background, and that the private key password be stored as well and provided automatically upon connection, mirroring the experience I have on Linux and macOS with keychain (get prompted to unlock key upon first connection, then never again).

An option to explicitly use TouchID/FaceID to unlock keys would also be welcome, but that is almost orthogonal to the agent experience.

@carloscabanero
Member

100% agree on the Agent in the background without requiring to explicitly start it. I may agree on the extra Passphrase for the private key, although the Secure Enclave is a HW encrypted area too, I understand some cases require extra security.

Will take another look at agent forwarding, but would help to know which cases it isn’t working for you or for what type of keys. We have been able to even forward keys into our Bunkr agent.

Now to the important part, we should decide on functionality; here is the trick:

On Linux and MacOS, the agent can keep the private key decrypted in memory (or the Passphrase, which is equivalent), and survive some time until the agent is required to be locked again. In iOS, keeping it in memory will require you to introduce it again every time it gets removed from memory.

So the experience will never be the same no matter what. It will be difficult to reproduce the “introduce it once and forget”.

We could keep the Passphrase for the key also stored within the Secure Enclave, and then use TouchID/FaceID. I would discard this method though as it would be the same as just keeping the Private Key without the Passphrase.

We could investigate if maybe we could use the “Secure Enclave” for temporary secure storage. So under some conditions the decrypted key would get removed from there. Not sure about the conditions or possibilities of the API though.

Any other ideas?

@carloscabanero
Member

It took us a while but I am happy to report that on 13.90.3.273 we have a new built-in Agent. The agent should just work and it does not require any special loading outside, just load the keys and you are good to go from anywhere. We have a deeper integration now and we are getting a few cooler things ready as well.

Want to say that although it took us a while to get this done, Blink has grown a lot in the last years and we can now finally put more resources in order to get more things out the door. You will see us pushing a lot of these old issues now :)

@carloscabanero carloscabanero added RTT Ready to test on Test Flight and removed WIP Work In Progress labels Mar 29, 2021
ssgelm commented Mar 29, 2021

This is super exciting! I tried the beta and had two small issues:

  • Keys that were there pre-upgrade can't be added to the agent. I had to delete and re-add the key, otherwise it said "invalid format"
  • ssh-add -l doesn't work - it either segfaults or complains about missing the key name.

Regardless this is very cool and works great!

@carloscabanero
Member

Nice catch! It looks like I forgot to clean up the keys before adding them to the agent, will fix on next version.

On ssh-add -l, it should be available next week. We just wanted people to start testing this asap.

@carloscabanero carloscabanero added the bug Bug that's either related to Blink Shell or prevents the user to use the app in normal conditions. label Mar 29, 2021
ssgelm commented Mar 29, 2021

Awesome! While I'm asking, would it be possible to get a toggle in the key settings page to auto-add to the agent? Not at all a big deal but it'd be nice to save the typing.

@carloscabanero
Member

Yeah, so now we can actually create multiple agents, for each type of "environment", kinda like suggested here: http://rabexc.org/posts/pitfalls-of-ssh-agents. The idea is to provide a simple interface where you attach keys to agents and then the agent to the host.

ssgelm commented Mar 30, 2021

Ah that sounds amazing. Feel free to reach out if you need help testing any of this!

@carloscabanero
Member

Sure! We have it available on TestFlight, send us a DM over Twitter or Discord if you would like to give it a try.

dakira commented Apr 12, 2021

This works perfectly for me, thanks!

ssh-add <keyname>
ssh -A jumphost
ssh finalhost

@carloscabanero
Member

You can now also use -J for the Jumphost sequence (one or many separated by commas)

rsepassi commented Sep 8, 2021

This is great! Any plans to support Mosh as well with guardian?

rverrips commented Apr 1, 2022

Similar, but different - 1Password can now store and securely provide ssh keys on MacOS with the following ssh config

Host *
	IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"

Would need to check with that team, but I'd assume the 1Password iOS app could be set up to do the same if there were an ssh that would use it. Hint hint.
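As an added example, not from this thread or from the Blink project: a desktop OpenSSH client config that combines the patterns discussed above, pinning a specific IdentityAgent socket (the 1Password path quoted in the previous comment), requiring a confirmation prompt on every key use (the confirmation Blaok asked for), and reaching the final host with ProxyJump (the -J sequence) instead of forwarding the agent with -A, so the agent socket is never exposed on the jump host. All host names and the user name are assumed placeholders.

```sshconfig
# Added example (not from this thread): ~/.ssh/config for a desktop OpenSSH client.
# Host names and user name below are placeholders.

Host *
    # Never forward the local agent by default: a shared jump host could
    # otherwise ask the forwarded agent to sign on your behalf.
    ForwardAgent no
    # When a file-based key is loaded, add it to the agent but require a
    # confirmation on each use (equivalent to `ssh-add -c`).
    AddKeysToAgent confirm

# Hosts whose keys live in the 1Password agent (socket path from the comment above).
Host *.corp.example.com
    IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"

# Jump host: authenticate with the local agent, but it receives no agent socket.
Host jumphost
    HostName jump.example.com
    User alice

# Final host, reached through the jump host with ProxyJump (same as `ssh -J jumphost finalhost`).
# Only the TCP stream is relayed through jumphost; key exchange and signing happen
# end to end with the local agent, so the private key is never usable from jumphost.
Host finalhost
    HostName final.internal.example.com
    User alice
    ProxyJump jumphost
```

With this in place, `ssh finalhost` replaces the two-step `ssh -A jumphost` then `ssh finalhost` shown earlier in the thread.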
