{
  "slug": "ssh-agent",
  "meta": {
    "title": "SSH Agent | ChromVoid",
    "description": "Vault-backed SSH keys and approval flow."
  },
  "hero": {
    "label": "SSH Agent",
    "title": "Key use stays per-request and under approval.",
    "description": "The private key is decrypted for a single signing request and zeroed immediately after use.",
    "audience": "For SSH workflows that want explicit approval and no long-lived key cache."
  },
  "useCases": {
    "title": "When it fits",
    "intro": "Use the agent path when signing should stay short-lived and auditable.",
    "cards": [
      {
        "title": "Per-request signing",
        "body": "Decrypt the key only for the current SSH signing request."
      },
      {
        "title": "Explicit approval",
        "body": "Keep a human in the loop before the signature is produced."
      },
      {
        "title": "Zeroed memory",
        "body": "Clear key material immediately after use so it does not linger in memory."
      }
    ]
  },
  "howItWorks": {
    "title": "Key lifecycle",
    "intro": "The key is unlocked only for signing and then released right away.",
    "steps": [
      {
        "title": "Vault",
        "body": "The SSH key stays encrypted at rest inside the vault."
      },
      {
        "title": "Decrypt",
        "body": "ChromVoid decrypts the key only for the signing request."
      },
      {
        "title": "Sign",
        "body": "The signature is produced only after the user approves the request."
      },
      {
        "title": "Release",
        "body": "Key material is zeroed in memory immediately after use."
      }
    ],
    "diagrams": [
      {
        "src": "/assets/diagrams/ssh-agent-flow.svg",
        "alt": "SSH agent signing flow",
        "title": "SSH agent flow",
        "description": "Vault, decrypt, sign, and release."
      }
    ]
  },
  "security": {
    "title": "Security boundaries",
    "cards": [
      {
        "title": "No disk key files",
        "body": "The agent does not leave unencrypted key files on disk."
      },
      {
        "title": "No long-lived cache",
        "body": "Decrypted key material is not cached between signing requests."
      },
      {
        "title": "Explicit approval",
        "body": "Signing stays gated by a deliberate user action."
      }
    ]
  },
  "limitations": {
    "title": "Limits and scope",
    "intro": "The agent is intentionally simple and local.",
    "items": [
      "It focuses on a single signing lifecycle rather than general SSH orchestration.",
      "The key is decrypted per request, not kept hot in memory.",
      "Remote key services and multi-hop orchestration remain future work.",
      "The threat model page is the current source of truth for scope and boundaries."
    ],
    "notTitle": "Not a key daemon farm",
    "notBody": "The agent is a local approval path for a vault-backed SSH key."
  },
  "cta": {
    "title": "Keep SSH signing inside a local vault-backed approval loop.",
    "body": "The key is decrypted only for the request, then zeroed immediately afterward."
  },
  "ui": {
    "generic": {
      "audience": "Who this is for",
      "useCases": "Use cases",
      "how": "How it works",
      "security": "Security",
      "limitations": "Limitations",
      "threatModel": "Threat Model",
      "download": "Download",
      "backHome": "Back home",
      "technicalDiagram": "Technical diagram",
      "badges": {
        "inDevelopment": "In development",
        "pro": "PRO"
      }
    },
    "sshAgent": {
      "audienceLabel": "Who this is for",
      "flowSection": "$ ssh-agent --flow",
      "flowTitle": "Key lifecycle",
      "flowIntro": "The private key is decrypted per signing request and zeroed immediately after. No long-lived cache.",
      "boundarySection": "$ ssh-agent --boundaries",
      "boundaryTitle": "Security boundaries",
      "socketPath": "$SSH_AUTH_SOCK",
      "protocolValue": "SSH Agent Protocol (draft-miller-ssh-agent)",
      "signingFlow": {
        "phases": [
          {
            "id": "vault",
            "status": "LOCKED",
            "label": "Vault",
            "detail": "Key encrypted at rest. AES-256-GCM."
          },
          {
            "id": "decrypt",
            "status": "DECRYPT",
            "label": "Request",
            "detail": "Decrypted per signing request."
          },
          {
            "id": "sign",
            "status": "APPROVE",
            "label": "Sign",
            "detail": "Explicit user approval required."
          },
          {
            "id": "release",
            "status": "ZEROED",
            "label": "Release",
            "detail": "Key material zeroed from memory."
          }
        ]
      },
      "metrics": [
        {
          "value": "0",
          "label": "Key files on disk"
        },
        {
          "value": "0",
          "label": "Key cache"
        },
        {
          "value": "Per-req",
          "label": "Decrypt"
        }
      ]
    }
  }
}
