Re: smartcard keys and the ssh-agent

To: Jon Bright <jon%siliconcircus.com@localhost>
Subject: Re: smartcard keys and the ssh-agent
From: Nils Larsch <larsch%trustcenter.de@localhost>
Date: Tue, 16 Sep 2003 12:46:48 +0200

Jon Bright wrote:

Hi,

Nils Larsch wrote:


in the last/current draft of the 'Secure Shell Authentication
Agent Protocol' the only way to add a new key to the ssh-agent is
by sending the private key blob to the agent. If the key is stored
in a smartcard and if it's not extractable this is not possible
(at least if the normal private key blobs for rsa keys etc. are
used). What about adding an additional message to the agent
protocol to deal with hardware keys, for example something like
this:

It would seem to me that this situation doesn't occur - the agent's onthe client side and would already know about any local smartcards. Under


And how should the client add a smartcard key (for example using
OpenSSH's ssh-add(1)) to the agent ? How should the agent know
anything about local smartcards ?

Nils

References:
- smartcard keys and the ssh-agent
  - From: Nils Larsch
- Re: smartcard keys and the ssh-agent
  - From: Jon Bright

Prev by Date: Re: smartcard keys and the ssh-agent
Next by Date: Last Call: 'Generic Message Exchange Authentication For SSH' to Proposed Standard
Previous by Thread: Re: smartcard keys and the ssh-agent
Next by Thread: Last Call: 'Generic Message Exchange Authentication For SSH' to Proposed Standard
Indexes:

Home | Main Index | Thread Index | Old Index