tpm2-pkcs11
Multiple keys / Specific key selection for SSH
Is there a way to choose a key using label or pid to present to the SSH service? For example, when connecting to GitHub when there are 2 keys, the first key would be used and the push would fail if the second one has the permissions.
```
Host github-work
    HostName github.com
    User git
    PKCS11Provider /usr/lib/x86_64-linux-gnu/libtpm2_pkcs11.so.1
    ForwardAgent yes
    PasswordAuthentication no
    IdentitiesOnly yes

Host github-home
    HostName github.com
    User git
    PKCS11Provider /usr/lib/x86_64-linux-gnu/libtpm2_pkcs11.so.1
    PasswordAuthentication no
    IdentitiesOnly yes
```
Some debug logs:

```
GIT_SSH_COMMAND="ssh -vvv" git clone git@github.com:<project>.git
...
debug1: Will attempt key: /usr/lib/x86_64-linux-gnu/libtpm2_pkcs11.so.1.6.0 RSA SHA256:<key1> agent
debug1: Will attempt key: /usr/lib/x86_64-linux-gnu/libtpm2_pkcs11.so.1.6.0 RSA SHA256:<key2> agent
...
debug1: Server accepts key: /usr/lib/x86_64-linux-gnu/libtpm2_pkcs11.so.1.6.0 RSA SHA256:<key1> agent
...
authenticated
```
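
One way to pin each host alias to a single token key, as an added example that is not part of the original post or the project's documentation: OpenSSH accepts a public key file in `IdentityFile`, and with `IdentitiesOnly yes` it offers only the listed identity even when the PKCS#11 provider or the agent holds more keys. The `.pub` file names are assumptions; each holds one public key line taken from the output of `ssh-keygen -D` run against the provider.

```sshconfig
# Added example. The file names under ~/.ssh are hypothetical.
#
# List the public keys held on the token (one line per key):
#   ssh-keygen -D /usr/lib/x86_64-linux-gnu/libtpm2_pkcs11.so.1
# Save the line for each key into its own file, e.g. tpm-work.pub
# and tpm-home.pub. These files contain public keys only; the
# private keys stay inside the TPM.

Host github-work
    HostName github.com
    User git
    PKCS11Provider /usr/lib/x86_64-linux-gnu/libtpm2_pkcs11.so.1
    # Public half of the key registered with the work account.
    IdentityFile ~/.ssh/tpm-work.pub
    # Offer only the identity listed above, not every key on the token
    # or in the agent.
    IdentitiesOnly yes
    PasswordAuthentication no

Host github-home
    HostName github.com
    User git
    PKCS11Provider /usr/lib/x86_64-linux-gnu/libtpm2_pkcs11.so.1
    # Public half of the key registered with the personal account.
    IdentityFile ~/.ssh/tpm-home.pub
    IdentitiesOnly yes
    PasswordAuthentication no
```

These blocks take effect only when the remote URL uses the alias, for example `git clone github-work:<project>.git`; a URL with the plain host name `github.com` matches neither block. Running `ssh -v` against the alias should then show a single `Will attempt key` line with the expected fingerprint.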