Simon Josefsson <simon%josefsson.org@localhost> writes: Isn't this another problem? Often private keys are protected by a password or requires a PIN to unlock a smartcard, and iterating to sign with all keys becomes a user interface issue quickly. This is how libssh2 works, and I couldn't think of any way to avoid it. Maybe I'm missing something, but you don't need to iterate over all keys since you can ask the ssh server if the public key is ok to use. To avoid unnecessary processing and user
interaction, the following message is provided for querying whether
authentication using the "publickey" method would be acceptable.
byte SSH_MSG_USERAUTH_REQUEST
string user name in ISO-10646 UTF-8 encoding [RFC3629]
string service name in US-ASCII
string "publickey"
boolean FALSE
string public key algorithm name
string public key blobLove |
Attachment:
smime.p7s
Description: S/MIME cryptographic signature