Re: ssh-agent decrypt

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



> So it's not clear this provides any advantage over just using the existing
> encrypted channel.

Well in this case there isn't necessarily an existing encrypted ssh
channel b/c i'm presenting the cert (well, a cert-backed message) to
something other than sshd, so it could be over just about any
transport protocol.

but all of these are valid points for why something like this already
in ssh-agent. as I said, moronic monday, at least in pst. :)

> Actually, you don't need any extensions to do this - you can get
> the pubkey from the agent directly

yeah, getting the pubkey is no problem. it's getting access to the
private key to do the decryption.

Cheers,
peter
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux