PrivateKeyCommand config idea
Bernd Eckenfels
ecki at zusammenkunft.net
Tue Mar 12 12:05:13 AEDT 2024
BTW not for your usecase with the decryption, but if people want to dynamically create/provision short lived
keys, they could use „match host * exec gen-key.sh %s“ config to run a program before each connection.
However it can’t stdout the key material, but what it could do is update a temporary Idendity file or
push it short-lived with ssh-add to the running (standard) agent.
openssh at tr.id.au wrote on 11. Mar 2024 22:15 (GMT +01:00):
> Hmm, okay, I just realized the protocol has a full specification at
> https://datatracker.ietf.org/doc/html/draft-miller-ssh-agent. Would it be
> possible to get that protocol added to the list of manuals which typically
> get installed with the OpenSSH package?
Gruß
Bernd
—
https://bernd.eckenfels.net
More information about the openssh-unix-dev
mailing list