search for: update_card

...Key is stored on a pkcs11 device. I can add my key with ssh-add -s /usr/local/lib/opensc-pkcs11.so but ssh-add -s /usr/local/lib/opensc-pkcs11.so ~/.ssh/mykey-cert.pub does not add the certificate to my agent. As far as I undestand, in ssh-add.c line 580 if (pkcs11provider != NULL) { if (update_card(agent_fd, !deleting, pkcs11provider) == -1) ret = 1; goto done; } does not check for additional (certifcate)-files files on the command line and update_card neither does. Is there any intention to change this? Thanks in alot, Manon

Dear openssh developers In a shell script I need to verify if a key belonging to a given public key file is already loaded into the agent. To achieve this, I added a new option -v to ssh-add which does this verification. The patch bases on openssh v5.8p1. The regression test agent.sh was extended to test this new feature. Is there any chance for inclusion of attached patch? Cheers Konrad --

Engine keys are private key files which are only understood by openssl external engines. ?The problem is they can't be loaded with the usual openssl methods, they have to be loaded via ENGINE_load_private_key(). ?Because they're files, they fit well into openssh pub/private file structure, so they're not very appropriately handled by the pkcs11 interface because it assumes the private

...sed identity from the authentication server. * This call is intended only for use by ssh-add(1) and like applications. diff --git a/authfd.h b/authfd.h index c3bf6259a..1dd1070cb 100644 --- a/authfd.h +++ b/authfd.h @@ -38,6 +38,9 @@ int ssh_remove_identity(int sock, struct sshkey *key); int ssh_update_card(int sock, int add, const char *reader_id, const char *pin, u_int life, u_int confirm); int ssh_remove_all_identities(int sock, int version); +int ssh_add_engine_key(int sock, const char *file, const char *engine, + const char *pin, u_int lifetime, u_int confirm, + u_int maxsign);...