[Bug 3462] New: Dynamically load resident keys from smartcard (to work with AddKeysToAgent)
bugzilla-daemon at mindrot.org
Thu Jul 14 00:24:32 AEST 2022
https://bugzilla.mindrot.org/show_bug.cgi?id=3462
Bug ID: 3462
Summary: Dynamically load resident keys from smartcard (to work
with AddKeysToAgent)
Product: Portable OpenSSH
Version: v9.0p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: mg at max.gautier.name
This is a feature request to support dynamically loading so-called
"resident keys" from a hardware token, and adding them to the ssh-agent.
When using an on disk key:
# ssh agent was started
# AddKeysToAgent set to yes in ~/.ssh/config
ssh user@host
Enter passphrase:
Added key to agent
# Connection proceeds and the next connection does not ask for passphrase
----
# When using a resident key (not requiring PIN, requiring user
presence check), the key handle is not present on disk.
# ssh agent was started
ssh-add -K
Enter PIN:
Resident identity added: <key>
ssh user@host
# Connection proceeds and the next connection does not ask for passphrase
Would it be possible to eliminate the need for the ssh-add -K, and try
to use resident keys for connected tokens, and then add them to the
agent? Is that something openssh could/should support at all?
Thanks
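Until ssh does this itself, the manual `ssh-add -K` step in the report above can be scripted. This is an added example, not part of the original report and not OpenSSH code; `agent_has_sk_key` and `ssh_resident` are hypothetical names. It assumes that any `sk-` key already in the agent means the token's resident keys were loaded, since the agent listing does not distinguish resident from non-resident security keys.

```shell
#!/bin/sh
# Added example: load resident FIDO keys into the agent on demand, then ssh.

# Reads `ssh-add -L` output on stdin. Succeeds (exit 0) if at least one
# listed key has an OpenSSH security-key type, fails (exit 1) otherwise.
agent_has_sk_key() {
    while read -r keytype _rest; do
        case "$keytype" in
            sk-ssh-ed25519@openssh.com|sk-ecdsa-sha2-nistp256@openssh.com)
                return 0 ;;
        esac
    done
    return 1
}

# Wrapper around ssh: if the agent holds no security key yet, run
# `ssh-add -K` once (this prompts for the token PIN), then connect.
ssh_resident() {
    if [ -z "$SSH_AUTH_SOCK" ]; then
        echo "ssh_resident: no agent socket (SSH_AUTH_SOCK unset)" >&2
        return 1
    fi
    # `ssh-add -L` prints "The agent has no identities." when empty;
    # that line does not match an sk- key type, so it counts as "none".
    if ! ssh-add -L 2>/dev/null | agent_has_sk_key; then
        ssh-add -K || return 1
    fi
    ssh "$@"
}
```

Source the file from a shell profile and call `ssh_resident user@host` in place of `ssh user@host`. Keys loaded this way stay in the agent until removed with `ssh-add -d` or `ssh-add -D`.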