As per the documentation here, I should be able to use my ssh-agent to furnish changes to my repo. Does this not also work with the pijul record command, or do I have to have a separate key for that? Reason I’m asking is because I use a hardware key for all of my encryption, auth, signing needs and a separate key is just another thing I need to keep track of.

That key is separate, and it is and will remain incompatible with anything related to PGP. So, don’t expect it to easily (if at all) work with any hardware token in the future.

Integration with ssh-agent is planned.

@TheBestJohn: what agent do you use? If it is a PGP one, I believe we could add an integration layer with the agent protocol without pulling in all the dependencies and security holes of existing PGP implementations.

Not OP, but I currently use pijul on Ubuntu on WSL on Windows, and I think I’m using the default ssh-agent. It’d be great to not have to type the password every time I record a change, especially when I’m recording a lot of small changes in quick succession.

Update: I was using an old version of pijul; after updating, I was asked to consolidate my identity and there was definitely some ssh-agent integration going on, but I still get prompted for password every time I record, with:

Password does not match secret key
? Password for secret key ›

Is there something I need to do to bridge the gap?