qusal/salt/ssh
Ben Grande 422b01e0f6 feat: remove audiovm setting when unnecessary
Decrease audio attack surface to qubes that will never need to use it.
2024-01-20 19:34:39 +01:00
..
clone.sls refactor: initial commit 2023-11-13 14:33:28 +00:00
clone.top refactor: initial commit 2023-11-13 14:33:28 +00:00
configure.sls refactor: initial commit 2023-11-13 14:33:28 +00:00
configure.top fix: ssh top files missing list type matcher 2023-12-20 21:27:42 +01:00
create.sls feat: remove audiovm setting when unnecessary 2024-01-20 19:34:39 +01:00
create.top refactor: initial commit 2023-11-13 14:33:28 +00:00
init.top fix: ssh top files missing list type matcher 2023-12-20 21:27:42 +01:00
install.sls refactor: initial commit 2023-11-13 14:33:28 +00:00
install.top refactor: initial commit 2023-11-13 14:33:28 +00:00
README.md refactor: initial commit 2023-11-13 14:33:28 +00:00

ssh

SSH remote login client in Qubes OS.

Table of Contents

Description

Setup SSH client AppVM ssh and a DispVM Template "dvm-ssh". It's use is plain simple, SSH to servers, no extra configuration is required. When saving the SSH configuration is necessary, use the ssh qube. If login in as a one time connection or to an untrusted host use a DispVM based on "dvm-ssh" for disposability.

Installation

  • Top:
qubesctl top.enable ssh
qubesctl --targets=tpl-ssh,dvm-ssh,ssh state.apply
qubesctl top.disable ssh
  • State:
qubesctl state.apply ssh.create
qubesctl --skip-dom0 --targets=tpl-ssh state.apply ssh.install
qubesctl --skip-dom0 --targets=dvm-ssh,ssh state.apply ssh.configure

Usage

Create DispVMs based on the Template for DispVMs "dvm-ssh" for disposable SSH sessions or create AppVMs based on "tpl-ssh", such as the "ssh" qube for for preserving the SSH configuration client side.

The client qube can enhanced by being:

  • sys-ssh-agent's client and not storing the SSH keys on the client; or
  • sys-git's client and fetching from qubes and push to remote servers.

The server requires the OpenSSH server to be installed.