[RFC 1/2] Add support for openssl engine based keys

Damien Miller djm at mindrot.org
Fri Nov 3 13:11:09 AEDT 2017


On Thu, 26 Oct 2017, James Bottomley wrote:

> Engine keys are keys whose file format is understood by a specific
> engine rather than by openssl itself.  Since these keys are file
> based, the pkcs11 interface isn't appropriate for them because they
> don't actually represent tokens.

What sort of keys do you have in mind here that can't be represented
via PKCS#11?

-d


More information about the openssh-unix-dev mailing list