Quoting Damien Miller (2022-01-06 23:52:09) > 2. Restricted agent keys. > > This is a large set of changes to add destination- and path-restricted > keys to ssh-agent. A full writeup is at on the website at > https://www.openssh.com/agent-restrict.html - I'm interested to hear > feedback on how this works in practice, UI and things that could be > improved (as well as bug reports). Can this be made to work when SSHFP host verification is used (VerifyHostKeyDNS=yes) rather than known_hosts? Otherwise this is great news - I've largely replaced my old key with a FIDO token and one of the annoyances is the confirmation window not telling me which host is it for. -- Anton Khirnov _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
