BTW not for your usecase with the decryption, but if people want to dynamically create/provision short lived keys, they could use „match host * exec gen-key.sh %s“ config to run a program before each connection. However it can’t stdout the key material, but what it could do is update a temporary Idendity file or push it short-lived with ssh-add to the running (standard) agent. openssh@xxxxxxxx wrote on 11. Mar 2024 22:15 (GMT +01:00): > Hmm, okay, I just realized the protocol has a full specification at > https://datatracker.ietf.org/doc/html/draft-miller-ssh-agent. Would it be > possible to get that protocol added to the list of manuals which typically > get installed with the OpenSSH package? _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev