Subject: Re: Using libssh2_userauth_publickey_fromfile() when I don't haveapublic key

Re: Using libssh2_userauth_publickey_fromfile() when I don't haveapublic key

From: Simon Josefsson <simon_at_josefsson.org>
Date: Fri, 05 Nov 2010 14:10:37 +0100

Just a note here, if you want to make it work with today's libssh2, it
is possible to do it through the ssh agent interface. Actually, the ssh
agent interface is a much more reliable and secure way to use public-key
authentication with libssh2 generally.

To solve these particular issues, though, if someone wants to work on
it, I think the simplest is to make libssh2 use GnuTLS. Decrypting
password-protected private keys isn't a low-level crypto task, and thus
doesn't belong in libgcrypt, it is a more high level feature. GnuTLS
already supports it, and has the same license as libgcrypt.

/Simon
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2010-11-05