https://bugzilla.mindrot.org/show_bug.cgi?id=2472
Bug ID: 2472 Summary: Add support to load additional certificates Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh-agent Assignee: unassigned-b...@mindrot.org Reporter: thomas.jaro...@intra2net.com Created attachment 2715 --> https://bugzilla.mindrot.org/attachment.cgi?id=2715&action=edit Patch part 1/3 Add support to load additional certificates for already loaded private keys. Useful if the private key is on a PKCS#11 hardware token. The private keys inside ssh-agent are now using a refcount to share the private parts between "Identities". The reason for this change was that the PKCS#11 code might have redirected ("wrap") the RSA functions to a hardware token. We don't want to mess with those internals. Tested with an OpenGPG card. Patch developed against 6.9p and applies to original 6.9, too. Original patch from openssh-unixdev has been split into three smaller patches for easier review. It has also been updated for version 7.1p1. (KEY_RSA_CERT_V00 / KEY_DSA_CERT_V00 was removed). Original submission: https://marc.info/?l=openssh-unix-dev&m=143792343407993&w=2 -- You are receiving this mail because: You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs