Re: Signed SSH key issue with OpenSSH6.4p1

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Wed, 2018-04-11 at 11:40 +0200, Jan Schermer wrote:
> Slightly OT question - is there a way to make ssh-agent work with
> keys in a PKCS#11 module and a certificate? I can make the ssh client
> work (add the key to agent and the default cert gets used by
> default), but the cert can’t be added to ssh-agent …

No, it is not possible. There is a patch in bugzilla [1], which does it
the "ugly" way without modifying ssh-agent protocol, because there is
no message that would fit this use case. Better way would be to adjust
the ssh-agent protocol with new messages supporting this protocol, but
nobody implemented this yet.

[1] https://bugzilla.mindrot.org/show_bug.cgi?id=2472

-- 
Jakub Jelen
Software Engineer
Security Technologies
Red Hat, Inc.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux