On Fri, 7 Jan 2022, Morgan, Iain (ARC-TN)[InuTeq, LLC] wrote: > Hi Damien, > > The restricted agent keys functionality sounds really interesting. > Are there any plans to support embedding the restrictions in the keys > themselves at some point? That would make this much easier to use, but > it would require extending the key format and adding the appropriate > parsing in ssh-agent or ssh-add. I hadn't considered that before - how would it envision it working? Yes, the key format would require extension and that isn't a trivial change because of backwards-compatibility :( -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
