How to use your Ledger Nano S to authenticate SSH login

14 May 2019 Tutorial #ledger #ssh #security

First, you need to connect your Ledger Nano S to your computer and open Ledger Live. You need to install SSH/PGP Agent app from Ledger store. (you need to enable Developer mode in settings)

Now, you need to need to install Ledger Agent Python Command Line Tools. Make sure you have installed python (3.x) and pip (3.x). Just install ledger_agent via pip3.

pip3 install ledger_agent

(on Windows you will probably need to install _Visual C++ Build Tools_, get it here

At this moment I had some problems with running ledger-agent on Windows. So I switched to Ubuntu machine, sorry :c

Now we need to open SSH/PGP Agent app on your Ledger. It should display only SSH/PGP Agent message. Now get back to your PC, open a terminal and generate your private/public key. Type ledger-agent [email protected] (replace user with username on your server, host with your server). Confirm action on Ledger device. It will print you public key for that username and host combination. Copy it and connect to your remote server.

Paste your public key into ~/.ssh/authorized_keys file and save it, disconnect and try to connect using private key stored on your Ledger device.

Type ledger-agent -c [email protected] and confirm action on your Ledger Nano S. Voila, if you do everything correct you should connect to your server. That’s all.