lokey icon indicating copy to clipboard operation
lokey copied to clipboard
verified publisher icon jpf

Using in practice

Open nderjung opened this issue 8 years ago • 1 comments

I've installed this via pip and attempted your example, however:

lokey fetch keybase twitter:jf | lokey to ssh

Yields the following:

Traceback (most recent call last):
  File "/usr/local/bin/lokey", line 11, in <module>
    load_entry_point('lokey==0.5.0', 'console_scripts', 'lokey')()
  File "/usr/local/lib/python2.7/dist-packages/click/core.py", line 722, in __call__
    return self.main(*args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/click/core.py", line 697, in main
    rv = self.invoke(ctx)
  File "/usr/local/lib/python2.7/dist-packages/click/core.py", line 1066, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/usr/local/lib/python2.7/dist-packages/click/core.py", line 1066, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/usr/local/lib/python2.7/dist-packages/click/core.py", line 895, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/usr/local/lib/python2.7/dist-packages/click/core.py", line 535, in invoke
    return callback(*args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/click/decorators.py", line 17, in new_func
    return f(get_current_context(), *args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/lokey/__init__.py", line 119, in ssh
    print(ctx.obj.key.to('ssh', comment=comment))
  File "/usr/local/lib/python2.7/dist-packages/eris/__init__.py", line 44, in to
    return transmuter.serialize(*args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/eris/__init__.py", line 159, in serialize
    encoding=serialization.Encoding.OpenSSH,
  File "/usr/local/lib/python2.7/dist-packages/enum/__init__.py", line 390, in __getattr__
    raise AttributeError(name)
AttributeError: OpenSSH

My second concern is attempting to use ssh once the user has had their key authorised. What mechanism is used to convert the keybase public key, or their gpg key in general, to a private ssh key? What is the pipeline from keybase to ssh?

nderjung avatar Jul 14 '17 13:07 nderjung

Sorry for taking so long to reply. I'm not sure what's causing your error but my guess would be that it's related to getting openssl or the Cryptography package working.

As to your second concern: Assuming that you pasted the user's public key into their authorized_keys file, that user would need to convert their (in this case) keybase key into the SSH format before they attempted to log in to your server. This would probably look something like gpg --armor --export-secret-keys [email protected] | lokey to ssh > ~/.ssh/from-pgp (if this doesn't work, I should fix lokey so it does!)

Once they've done that, then I would do something like ssh -i ~/.ssh/from-pgp [email protected] – at least this is one of the use cases I imagined for people, not sure if that's what people would want to do.

jpf avatar Sep 12 '17 22:09 jpf