IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: smartcard keys and the ssh-agent



Hi,

Nils Larsch wrote:

in the last/current draft of the 'Secure Shell Authentication
Agent Protocol' the only way to add a new key to the ssh-agent is
by sending the private key blob to the agent. If the key is stored
in a smartcard and if it's not extractable this is not possible
(at least if the normal private key blobs for rsa keys etc. are
used). What about adding an additional message to the agent
protocol to deal with hardware keys, for example something like
this:

It would seem to me that this situation doesn't occur - the agent's on the client side and would already know about any local smartcards. Under what circumstances would the server know about a smartcard that the agent was unaware of?

--
Jon Bright
Silicon Circus Ltd.
http://www.siliconcircus.com




Home | Main Index | Thread Index | Old Index