PATCH: Support for encrypted host keys

Damien Miller djm at mindrot.org
Mon Feb 6 08:59:35 EST 2012


On Tue, 31 Jan 2012, Daniel Kahn Gillmor wrote:

> What about an approach instead that allows sshd to talk to a running
> ssh-agent for its keys?  Then a system administrator could load the host
> key to the system ssh-agent at any point, leaving them
> passphrase-protected on disk.

I'm hoping to implement this anyway to support hostkeys in PKCS11 tokens.
It would be fantastic if someone did it first and saved me the work :)

-d


More information about the openssh-unix-dev mailing list