hetzner-kube icon indicating copy to clipboard operation
hetzner-kube copied to clipboard

Published 20 hours ago verified publisher icon xetys

Allow using ssh-keys without private-key

Open stevenklar opened this issue 6 years ago • 3 comments

The problem with private-key is, that it is possible to use services like krypt.co which is your "private authority" and only exposes your public key.

Therefore it is not possible to use hetzner-kube if you do not have the private-key on your local disk.

Maybe it's possible to make it usable without the private-key.

stevenklar avatar Apr 12 '18 09:04 stevenklar

How is the private key actually used?

tholu avatar May 04 '18 17:05 tholu

The public key contains the third authority which asks my device if i'm allowed to access the resource. The device actually contains the private key and is the only authority.

So my actual computer access the remote machine, which asks my third authority if i'm allowed to do so.

But hetzner-kube want to use a specific private key instead of just let ssh decide which one to use, which is convenient but problematic with the mentioned use case.

stevenklar avatar May 04 '18 18:05 stevenklar

This issue also occurs if your private key is on a separate device e.g. Smartcard or Yubikey.

roock avatar Jan 30 '19 19:01 roock