Sign arbitrary data with your SSH keys

This comes with a rationale for why this should be safe re-use of SSH keys, and OpenSSH provides, as you would hope, an explicit namespace mechanism so when fifty people re-use this they don't pollute each other's cryptographic context. In both cases this is unlike Filippo's age - which to me makes it a whole lot more attractive.

Its relationship to your identity, contextually ("this is my GitHub key, this is the one for $VolunteerProject servers, and this third one is for my local machines") makes more sense for this purpose than in age too. Signing a git commit with a key you use on gitlab for example.

This has literally nothing to do with age, which, by deliberate design, doesn't implement signing. What a strange and hostile thing to write.

You wrote:

> This has literally nothing to do with age, which, by deliberate design, doesn't implement signing. What a strange and hostile thing to write.

But of course I never claimed age performs signing I wrote that it re-uses SSH keys without a safety rationale. Here's what age actually says about its re-use of SSH keys:

"As a convenience feature, age also supports encrypting to ssh-rsa and ssh-ed25519 SSH public keys, and decrypting with the respective private key file." -- https://github.com/FiloSottile/age#ssh-keys

So, we see age does in fact re-use SSH keys for this unrelated purpose. And we see that, unlike the OpenSSH feature described in this article, it offers no rationale for why this is safe. Filippo talked about writing such a rationale but ultimately there isn't one provided.

Ordinary users shouldn't try to imagine for themselves why something dangerous might be safe. In the absence of a rationale for why re-using your SSH private keys to decrypt age messages is OK, don't do it.

The article provides a rationale for OpenSSH's "sign arbitrary data" feature (a briefer one is included in the OpenSSH distribution itself) so that you can assure yourself that this is a reasonable thing to do.