On Tue, 20 Nov 2018, Damien Miller wrote: > Given those, it would still be possible to make a SSH agent extension to > support encryption, If you do this, then please consider using the > extension mechanism in the ssh-agent protocol draft - > https://www.ietf.org/archive/id/draft-miller-ssh-agent-02.txt Actually, you don't need any extensions to do this - you can get the pubkey from the agent directly and convert it to PEM format using "ssh-keygen -e -m PEM -f /path/key.pub > /path/key.pem" >From there you can use the standard openssl API or tools to do your crypto. -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev