Displaying 6 results from an estimated 6 matches for "key_on".
Did you mean:
key_fn
2015 Jul 26
2
[PATCH] ssh-agent: Add support to load additional certificates
...0)
+ fprintf(stderr, "Lifetime set to %d seconds\n", lifetime);
+ if (confirm != 0)
+ fprintf(stderr, "The user must confirm each use of the key\n");
+ out:
+ free(comment);
+ sshkey_free(cert);
+
+ return ret;
+}
+
+static int
add_file(int agent_fd, const char *filename, int key_only)
{
struct sshkey *private, *cert;
@@ -445,13 +488,16 @@ lock_agent(int agent_fd, int lock)
}
static int
-do_file(int agent_fd, int deleting, int key_only, char *file)
+do_file(int agent_fd, int deleting, int key_only, int cert_only, char *file)
{
if (deleting) {
if (delete_file(agent...
2020 Oct 06
2
Accessing SSH key path using SSH_ASKPASS and passwordstore
Hello,
With the introduction of SSH_ASKPASS_REQUIRE in version 8.4, I've set
up a script for SSH_ASKPASS to query my local passwordstore
(https://www.passwordstore.org/) vault to retrieve the password for a
given key. This works for ssh-add as well as ssh (configured with
AddKeysToAgent set to 'yes'). My workflow effectively transforms into
entering the password for the GPG key used
2017 Oct 26
3
[RFC 0/2] add engine based keys
Engine keys are private key files which are only understood by openssl
external engines. ?The problem is they can't be loaded with the usual
openssl methods, they have to be loaded via ENGINE_load_private_key().
?Because they're files, they fit well into openssh pub/private file
structure, so they're not very appropriately handled by the pkcs11
interface because it assumes the private
2020 Jun 09
3
[PATCH v2 0/2] Add openssl engine keys with provider upgrade path
I've architected this in a way that looks future proof at least to the
openssl provider transition. What will happen in openssl 3.0.0 is
that providers become active and will accept keys via URI. The
current file mechanisms will still be available but internally it will
become a file URI. To support the provider interface, openssl will
have to accept keys by URI instead of file and may
2016 Dec 28
2
certificates keys on pkcs11 devices
Hi,
I have not found any way to use a Certificate with ssh-agent when my Key is
stored on a pkcs11 device. I can add my key with
ssh-add -s /usr/local/lib/opensc-pkcs11.so
but
ssh-add -s /usr/local/lib/opensc-pkcs11.so ~/.ssh/mykey-cert.pub
does not add the certificate to my agent. As far as I undestand, in
ssh-add.c line 580
if (pkcs11provider != NULL) {
if (update_card(agent_fd,
2020 Jan 30
6
[PATCH 1/2] Add support for openssl engine based keys
...(ret != SSH_AGENT_SUCCESS) {
+ fprintf(stderr, "failed to add engine key: %s\n", ssh_err(ret));
+ } else {
+ fprintf(stderr, "Engine Identity added: %s\n", file);
+ }
+ if (pin)
+ free (pin);
+ return ret;
+}
+
static int
delete_file(int agent_fd, const char *filename, int key_only, int qflag)
{
@@ -609,6 +632,9 @@ usage(void)
#ifdef WITH_XMSS
" [-M maxsign] [-m minleft]\n"
#endif
+#ifdef USE_OPENSSL_ENGINE
+" [-o engine]\n"
+#endif
" [file ...]\n"
" ssh-add -s pkcs11\n"
"...