Lexu on Nostr: In case anyone is like me, wondering if ssh-agent can somehow be used to encrypt ...
In case anyone is like me, wondering if ssh-agent can somehow be used to encrypt data, well, yes, kind of. Signing the same data with the same key and the same namaspace produces the same output, so that can be used as a "password" to derive the key from.
$ openssl rand 128 >master
$ echo secret | pass=$(ssh-keygen -Y sign -f ~/.ssh-id_ed25519 -n enc <master | openssl base64 -d | sha256) openssl aes-256-cbc -a -pass env:pass
Published at
2024-12-11 15:16:03Event JSON
{
"id": "447e7f33f975808043bab6f132ff8d2d85b0aad0d02be76dfc294a68b082b911",
"pubkey": "44c001e48a71188771c0bd76ef461e81023ac879f7e1ed546d3a5d36264e3ef0",
"created_at": 1733930163,
"kind": 1,
"tags": [
[
"proxy",
"https://mastodon.bsd.cafe/users/aa/statuses/113634847221702025",
"activitypub"
]
],
"content": "In case anyone is like me, wondering if ssh-agent can somehow be used to encrypt data, well, yes, kind of. Signing the same data with the same key and the same namaspace produces the same output, so that can be used as a \"password\" to derive the key from.\n\n$ openssl rand 128 \u003emaster\n$ echo secret | pass=$(ssh-keygen -Y sign -f ~/.ssh-id_ed25519 -n enc \u003cmaster | openssl base64 -d | sha256) openssl aes-256-cbc -a -pass env:pass",
"sig": "0e7de9d097bbb734b8889be4d33535d1852d6573da3a1c5359a14c0ebdf744ed074e1dd0e945f42890df7e448ac92dea086f9f85f6a9fbd4a5cb2415c806f7fa"
}
