https://bugzilla.mindrot.org/show_bug.cgi?id=2472
--- Comment #5 from Damien Miller <d...@mindrot.org> --- Looking at the patch, I like the idea but I don't think we need to modify ssh-agent to accommodate it. Couldn't ssh-add just graft the extra certificates to the private key and send them? This is similar to how it send implicit *-cert.pub certificates now. It might be a little more hassle for the user, since they will need to have their private keys available at the same time as their certificates, but IMO users shouldn't be able to add keys to an agent *without* presenting their private section. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
