Subject: Re: [PATCH] Generalized API for publickey userauth

From: Peter Stuge <peter_at_stuge.se>
Date: Tue, 15 Dec 2009 11:30:17 +0100

Simon Josefsson wrote:
> However I think it would be useful to have the ability to do a
> callback-based public key signing too. One goal here would be to
> permit private keys in-memory rather than on disk, to facilitate
> process-separation between the process knowing the private key and
> doing the signing, and the actual libssh2 code.

You just described exactly what an SSH agent does. :)

> Thoughts?

I agree it would be nice to allow new and cool agent solutions. Just
like we discussed to potentially have SFTP be separate from (but
close to) libssh2 I think it would make sense to have a separate
development effort for agent development. It makes a lot of sense to
me because it will be a much smaller code base which is thus easier
to review and possibly certify for those with such needs.

//Peter
Received on 2009-12-15