Open in app

Sign up

Sign in

Write

Sign up

Sign in

#FeatureFriday — SSH Agent

SatoshiLabs
Trezor Blog
Published in
4 min readMay 3, 2019

--

by Liz Windsor

Anything you store on your laptop can be lost or stolen. When you use SSH login, you store your private key somewhere on your laptop, and automatically run the risk of a security breach. Now that SSH has been integrated with Trezor, you can not only safely store your private key offline, but you can also streamline the whole process of remotely managing systems and applications.

What it can do

SSH protocol lets you remotely log in to a server or another of your computers, securely. With your Trezor device, it provides authentication and encrypts any data that’s communicated between two computers connecting over an unsecured network.

The private key required to generate the public key for logging in to a server is stored on the Trezor device, allowing for a quick and ultra secure server connection.

Who can use it

SSH is a more advanced feature commonly used by network administrators when they need to remotely manage any systems or applications. They can log in to another computer over a network, execute commands, and move files from one computer to another with SCP. Either the Trezor One or Model T can be used with SSH.

Why use it

SSH protocol allows you to securely log in remotely, from one computer to another. Everything will be encrypted, making it impossible for anyone to see what you’re doing.

Using your Trezor device for SSH means that you don’t have to rely on a password to access a server. Passwords always come with the risk of being broken, while your private keys stored on your Trezor device can never be accessed by a remote attack.

Instead of storing your private keys on a computer that can be hacked or stolen, with SSH integration into Trezor you know your private keys will never be stolen. It also makes it more convenient to take your private keys and use them for SSH login from another computer, instead of having to transfer them somehow from one computer to another.

Without using your Trezor for SSH login, you can lose your private keys forever if someone steals your computer. Storing them on a Trezor device means you can recover your keys on a new device if the old one is damaged, lost, or stolen, just by inputting your original recovery seed.

How to use it

For a step by step guide to setting up Trezor SSH Agent on either Linux or Windows, head over to this Trezor Wiki page.

After you have set it up, you’ll be able to log in to another computer over a network, move files from one computer to another, and more, with all the convenience and security of a Trezor device.

Instead of inputting your private key on the computer, you simply confirm on your device to log in, and the private key never leaves the safety of your offline Trezor. As usual, any action must be confirmed by you on the device, either by tapping the screen or by pressing a button.

About Us

Created by SatoshiLabs in 2014, the Trezor One is the original and most trusted hardware wallet in the world. It offers unmatched security for cryptocurrencies, password management, and serves as the second factor in Two-Factor Authentication. These features combine with an interface that is easy to use whether you are a security expert or a brand new user.

Trezor Model T is the next-generation hardware wallet, designed with the benefits of the original Trezor in mind, combined with a modern and intuitive interface for improved user experience and security. It features a touchscreen, faster processor, and advanced coin support, as well as all the features of the Trezor One.

Bitcoin
Ssh
Trezor
Articles
Security

--

--

SatoshiLabs
Trezor Blog
Follow

Written by SatoshiLabs

12.2K Followers

Innovating since we founded the industry in 2013 with production of the first crypto hardware wallet, the Trezor One. Open-source, secure, community-driven.

Follow

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams