Hi, Nils Larsch wrote:
in the last/current draft of the 'Secure Shell Authentication Agent Protocol' the only way to add a new key to the ssh-agent is by sending the private key blob to the agent. If the key is stored in a smartcard and if it's not extractable this is not possible (at least if the normal private key blobs for rsa keys etc. are used). What about adding an additional message to the agent protocol to deal with hardware keys, for example something like this:
It would seem to me that this situation doesn't occur - the agent's on the client side and would already know about any local smartcards. Under what circumstances would the server know about a smartcard that the agent was unaware of?
-- Jon Bright Silicon Circus Ltd. http://www.siliconcircus.com