Interfacing with ssh-agent, API programming question

Sean Russell ser at germane-software.com
Sat Jan 12 05:39:27 EST 2002


Hello,

I apologise in advance if this isn't the appropriate forum.  If it isn't, 
please tell me which group to post my question to, and I'll go away.

I'm trying to leverage the ssh-agent, with the goal of easing the use of 
security by minimizing the number of times passwords need to be entered.  
Currently, I'm personally entering four different passwords, one for login, 
one for ssh-agent, one for GPG support in my mailer, and one for my crypt FS.

Specifically, I'm trying to expand the CryptFS (FiST) authentication 
utility to use secret key information obtained from an existing ssh-agent 
parent process, should one exist.  The CryptFS utility itself is very simple, 
but I'm having trouble figuring out how to get ssh-agent to cough up 
something reasonably secure.  I can get it to give me the public key (which 
is of no use).  I'd like it to sign something for me, or even give me the 
secret key.  If there is a better way of doing this, I'd like to know.  I 
just want something to use as an encryption key for the filesystem.

For average use (ssh-agent being run, then running ssh-add from a 
sub-process) it appears that the key stored in the ssh-agent is an RSA1, 
which the ssh-agent won't use to generate signatures (generating "illegal 
key type" errors).

Thanks, in advance, for any help or pointers!

--- SER

-- 
 |..  "They that can give up essential liberty to obtain a little
<|>    temporary safety deserve neither liberty nor safety."
/|\   -- Benjamin Franklin
/|    
 |         



More information about the openssh-unix-dev mailing list