Skip to content

sigsum/key-mgmt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

133 Commits
cmd/sigsum-agent
cmd/sigsum-agent
 
 
docs
docs
 
 
internal
internal
 
 
scripts
scripts
 
 
tests
tests
 
 
.gitlab-ci.yml
.gitlab-ci.yml
 
 
AUTHORS
AUTHORS
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
NEWS
NEWS
 
 
README.md
README.md
 
 
RELEASES.md
RELEASES.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

Key management

This repository provides documentation and tooling for managing and accessing the private signing keys in the Sigsum system.

Documentation

  • Quick start instructions on YubiHSM provisioning and signing for log servers and witnesses via SSH agent.
  • Key management procedure using YubiHSMs

Repository overview

  • sigsum-agent A program that can act as a signing oracle, following the SSH agent protocol and conventions. Tailored to the needs of the Sigsum system, it supports Ed25519 signatures only, and it can use either a private key on disk, or a key stored in a YubiHSM (support for other types hardware keys, in particular TKey and Yubikey, is under consideration).
  • provisioning scripts A collection of scripts to provision YubiHSMs for use with Sigsum logs and witnesses.
  • To appear: SSH key and signature formats as importable Go packages

Contact

  • IRC room #sigsum @ OFTC.net
  • Matrix room #sigsum which is bridged with IRC
  • The sigsum-general mailing list

About

Mirror only. Official repository is at https://git.glasklar.is/sigsum/core/key-mgmt

Resources

Readme

License

BSD-2-Clause license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

7 tags

Packages

 
 
 

Contributors

Languages