Automic VaultAutomic Vault

brew

使用 Homebrew, Nix 安装 trezor-agent

查看 trezor-agent 的安装路径、可执行文件、元数据以及面向 AI 代理工作流的安全说明。

安装

其他安装命令

macOS

Homebrew已验证 · 100%
brew install trezor-agent

local Homebrew formula metadata

概览

软件包摘要

Hardware SSH/GPG agent for Trezor and Ledger

命令和别名

  • age-plugin-trezor
  • trezor-agent
  • trezor-gpg
  • trezor-gpg-agent
  • trezor-signify
  • trezor_agent.py

历史

项目历史与用法

trezor-agent is a hardware-backed SSH, GPG, and age agent that grew out of early Trezor firmware support for using a hardware wallet as an identity and signing device. In package-manager culture it sits in the security-tools niche: a small CLI package that lets developers keep authentication and signing keys on a hardware device while still using familiar Unix tools.

项目历史

Trezor firmware 1.3.4, announced in September 2015, credited Roman Zeyde's work and introduced NIST P-256 support so a Trezor could be used for SSH login. The official instructions in that announcement installed `trezor_agent`, generated a public key with `trezor-agent`, and used the result in `authorized_keys`.

Firmware 1.3.6 extended the same idea beyond SSH by adding GPG key generation for signing email or documents and by pointing users to Trezor Agent for the user-space tooling. The repository later generalized the model into a shared `libagent` plus device-specific agents for Trezor, Blockstream Jade, and OnlyKey.

采用历史

The project was adopted by users who wanted hardware-backed developer identity without changing their normal SSH, Git, GPG, or password-store workflows. Its README lists signing email, Git commits, and software packages, managing passwords with `pass` or `passage`, and authenticating web tunnels and file transfers as representative uses.

Package-manager availability through Homebrew and Nix made it installable in the same way as other command-line security tools, which mattered because trezor-agent is usually used from shells, SSH subprocesses, Git commands, GPG, and systemd user units rather than as a standalone application.

使用方式

For SSH, users derive a public key from an identity string, add that public key to remote access controls, and run commands or shells with `SSH_AUTH_SOCK` pointed at the agent. The official SSH guide also documents Git and Mercurial repository access, Git commit signing through SSH signatures, and optional systemd socket activation.

For GPG, users initialize a dedicated `GNUPGHOME` such as `~/.gnupg/trezor`, then continue using normal GPG-aware software while the agent asks the hardware device to sign or decrypt. The GPG guide covers commit and tag signing, password-store integration, file signing/decryption, and email use.

为什么软件包爱好者会关心

trezor-agent is interesting to package nerds because it turns a cryptocurrency hardware wallet into a Unix authentication primitive. It bridges hardware-wallet APIs into the ecosystem of `ssh-agent`, GnuPG, Git signing, `pass`, systemd user sockets, and age plugins.

The package is also a good example of Homebrew packaging for a tool whose value is not a daemon or GUI, but a collection of small executables that plug into existing developer workflows: `trezor-agent`, `trezor-gpg`, `trezor-gpg-agent`, `trezor-signify`, and `age-plugin-trezor`.

时间线

  • 2015: Trezor firmware 1.3.4 announcement documents SSH login with `trezor-agent`.
  • 2016: Trezor firmware 1.3.6 announcement adds GPG signing support and references Trezor Agent.
  • 2022: Official SSH guide documents Git commit signing with SSH signatures.
  • 2026: GitHub repository lists `libagent/0.16.1` as the latest release on March 1, 2026.

Related projects

  • Related components include `libagent`, `jade_agent`, `onlykey-agent`, GnuPG, OpenSSH, age, pass, and Trezor firmware features for SSH/GPG operations.

安全态势

尚未找到受保护工具覆盖

没有找到 trezor-agent 的匹配本地密钥处理 manifest。Nucleus 软件包元数据仍在此发布,以便未来覆盖拥有稳定的软件包 URL。

安装行为

  • formula 元数据中未记录 Homebrew post-install 钩子。
  • Homebrew bottle 元数据适用于 6 个平台目标。
  • 安装时包含 6 个运行时依赖。
  • 构建元数据列出 2 个构建依赖。

建议审查

在无人值守的代理使用前,请检查该工具是否读取明文凭据、写入远程状态、发布制品或调用插件。

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
~/.ssh/agent.conf~/.gnupg/trezor

可执行文件

已安装的可执行文件

命令类型暴露范围备注
age-plugin-trezorcli全局可执行文件
trezor-agentcli全局可执行文件
trezor-gpgcli全局可执行文件
trezor-gpg-agentcli全局可执行文件
trezor-signifycli全局可执行文件
trezor_agent.pycli全局可执行文件

新鲜度

版本和新鲜度

这些信号区分页生成时间、软件包管理器活动和上游发布比较。只有存在证据 URL 和可比较版本时,才会提示版本落后。

页面生成时间2026-07-10
管理器版本0.13.0
管理器更新时间2026-05-15
本地数据OK
上游not checked
检测到的最新版本未检测到

https://github.com/romanz/trezor-agent

安装元数据

软件包元数据

软件包键brew:trezor-agent
版本0.13.0
软件包管理器Homebrew
软件包管理器页面https://formulae.brew.sh/formula/trezor-agent
主页https://github.com/romanz/trezor-agent
仓库https://github.com/romanz/trezor-agent
上游文档https://github.com/romanz/trezor-agent#readme
许可证LGPL-3.0-only
源码归档https://files.pythonhosted.org/packages/d9/b1/e533c417259dc112a067226d4c95cb772d7c090b696a61a065e1e41429d6/trezor_agent-0.13.0.tar.gz
最后更新2026-05-15T11:13:55Z
Pulseupdated
依赖certifi, cryptography, hidapi, libsodium, libusb, python@3.14
构建依赖pkgconf, rust
Bottle可用 (于 arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-install未定义
服务未声明

注册表事实

源数据库详情

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nametrezor-agent
Version Scheme0
Revision2
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • stable

源数据库匹配

其他软件包管理器记录

匹配项来自外部软件包管理器索引,并与本地 Automic Vault 软件包链接分开显示。

Nix95%

trezor-agent

nix profile install nixpkgs#trezor-agent
  • normalized package name match
  • 匹配方式:Trezor Agent
nixpkgs package indexes · raw.githubusercontent.com · nixpkgs package indexes: trezor-agent from https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/top-level/all-packages.nix

来源线索

由仓库数据生成

此页面由 av-webscripts/generate-pkg-sqlite.py 生成的私有软件包 SQLite 工件提供。

使用的来源

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment