Hi,
I'm currently stuck with yubikey + signed user key + ssh-agent forwarding.
As https://developers.yubico.com/PIV/Guides/SSH_user_certificates.html
noted, I have private key stored in yubikey, public key in
~/.ssh/id_rsa.pub and signed public key in ~/.ssh/id_rsa-cert.pub on PC
(see bellow).
It's not working with this agent forwarding access:
PC----Server_A----Server_B. Placing
private key saved in ~/id_rsa, it works fine! After a simple comparsion,
I found that when
private key store in yubikey hardware, ssh-add would not add signed
public key (id_rsa-cert.pub) to ssh-agent, should this be the problem?
Is there a way to add signed public key to ssh-agent?
--
yc.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev