# Create an askpass binary
exec go build -o askpass-test askpass.go
exec ./askpass-test passphrase

# Env
env SSH_ASKPASS=./askpass-test
env SSH_ASKPASS_REQUIRE=force

# ssh sign file with password
env _ASKPASS_PASSWORD=12345
exec ssh-tpm-agent -d --no-load &agent&
exec ssh-tpm-keygen -N $_ASKPASS_PASSWORD
exec ssh-tpm-add
stdout id_ecdsa.tpm
exec ssh-add -l
stdout ECDSA
exec ssh-keygen -Y sign -n file -f .ssh/id_ecdsa.pub file_to_sign.txt
stdin file_to_sign.txt
exec ssh-keygen -Y check-novalidate -n file -f .ssh/id_ecdsa.pub -s file_to_sign.txt.sig
exists file_to_sign.txt.sig
exec ssh-add -D
rm file_to_sign.txt.sig
rm .ssh/id_ecdsa.tpm .ssh/id_ecdsa.pub

-- file_to_sign.txt --
Hello World

-- go.mod --
module example.com/askpass

-- askpass.go --
package main

import (
  "fmt"
  "os"
  "strings"
)

func main() {
  if strings.Contains(os.Args[1], "passphrase") {
	  fmt.Println(os.Getenv("_ASKPASS_PASSWORD"))
  }
}
