aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTimo Weingärtner <timo@tiwe.de>2013-10-25 21:28:32 +0200
committerTimo Weingärtner <timo@tiwe.de>2013-10-25 21:34:09 +0200
commitd8b50eb96e4e4f971803fcf2ba30312b2dac9d08 (patch)
tree66469011f9fe1cdc75fb47f1471e48a341be727a
parentfad26b644eef6883810203a1bd143180484ff8fb (diff)
downloadssh-agent-filter-d8b50eb96e4e4f971803fcf2ba30312b2dac9d08.tar.gz
update documentation to mention confirmation stuff
Thanks: Christian Amsüss <chrysn@fsfe.org> for requesting that feature
-rw-r--r--README.md19
1 files changed, 13 insertions, 6 deletions
diff --git a/README.md b/README.md
index 71b834f..05ca21d 100644
--- a/README.md
+++ b/README.md
@@ -13,20 +13,27 @@ our solution
------------
1. create one key(pair) for each realm you connect to
-2. load keys into your ssh-agent as usual
-3. use ssh-agent-filter to allow only the key(s) you need
+2. load keys into your `ssh-agent` as usual
+3. use `ssh-agent-filter` to allow only the key(s) you need
-afssh (agent filtered ssh) can wrap ssh-agent-filter and ssh for you:
+`afssh` (agent filtered ssh) can wrap `ssh-agent-filter` and `ssh` for you, forwarding only the key with the comment `id_example`:
- $ afssh -c id_example -- example.com
+ $ afssh --comment id_example -- example.com
-starts an `ssh-agent-filter -c id_example`, runs `ssh -A example.com` and kills the ssh-agent-filter afterwards.
+starts an `ssh-agent-filter --comment id_example`, runs `ssh -A example.com` and kills the `ssh-agent-filter` afterwards.
If you leave out the options before the `--`:
$ afssh -- example.com
-it will ask you via whiptail or dialog which keys you want to have forwarded.
+it will ask you via `whiptail` or `dialog` which keys you want to have forwarded.
+
+
+confirmation
+------------
+
+You can use the `--*-confirmed` options (e.g.`--comment-confirmed`) to add keys for which you want to be asked on each use through the filter.
+The confirmation is done in the same way as when you `ssh-add -c` a key to your `ssh-agent`, but the question will contain some additional information extracted from the sign request.
how it works