I was trying unsuccessfully to get ssh-agent to sign a JWT via the x/crypto/ssh/agent.Agent::Sign() interface.
In https://github.com/golang/crypto/blob/master/ssh/agent/client.go#L371, the Flags in signRequestAgentMsg was left as default (0).

    req := ssh.Marshal(signRequestAgentMsg{
        KeyBlob: key.Marshal(),
        Data:    data,
    })

In OpenSSH ssh-agent, https://github.com/openssh/openssh-portable/blob/master/ssh-agent.c#L262, the signing algorithm is being determined by parsing the flags sent in the signRequestAgentMsg - 2 for rsa-sha2-256 and 4 for rsa-sha2-512, and sending 0 probably defaults the algorithm to SHA1.

It seems that allowing the caller to specify flags, or at a higher level, an algorithm name, would be able to resolve this, but I'm not sure what is the best way to implement this.
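The sign request described in the post, with the flags field filled in, plus a check on the returned signature's format name that catches a SHA-1 result. This is an added example using only the standard library, not code from the post or from x/crypto. It assumes message type 13 for the sign request and "ssh-rsa" as the format name of an RSA/SHA-1 signature; the helper names are hypothetical.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// Agent protocol constants (message type is an assumption, not stated in the post).
const (
	agentcSignRequest = 13 // SSH_AGENTC_SIGN_REQUEST
	flagRsaSha256     = 2  // flag values as quoted in the post
	flagRsaSha512     = 4
)

// putString appends an SSH "string": uint32 big-endian length, then the bytes.
func putString(b, s []byte) []byte {
	var n [4]byte
	binary.BigEndian.PutUint32(n[:], uint32(len(s)))
	return append(append(b, n[:]...), s...)
}

// buildSignRequest frames a sign request: type, key blob, data, flags.
func buildSignRequest(keyBlob, data []byte, flags uint32) []byte {
	body := putString(putString([]byte{agentcSignRequest}, keyBlob), data)
	body = append(body, byte(flags>>24), byte(flags>>16), byte(flags>>8), byte(flags))
	return putString(nil, body) // outer length prefix
}

// signatureFormat returns the algorithm name that leads an SSH signature blob.
func signatureFormat(sig []byte) (string, error) {
	if len(sig) < 4 || uint64(binary.BigEndian.Uint32(sig)) > uint64(len(sig)-4) {
		return "", fmt.Errorf("malformed signature blob (%d bytes)", len(sig))
	}
	return string(sig[4 : 4+binary.BigEndian.Uint32(sig)]), nil
}

// flagHonored reports whether an RSA signature uses the hash the flags asked for.
func flagHonored(flags uint32, sig []byte) (bool, error) {
	want := map[uint32]string{0: "ssh-rsa", flagRsaSha256: "rsa-sha2-256", flagRsaSha512: "rsa-sha2-512"}[flags]
	got, err := signatureFormat(sig)
	return err == nil && got == want, err
}

func main() {
	sig := putString(putString(nil, []byte("ssh-rsa")), []byte("constructed")) // constructed reply
	ok, _ := flagHonored(flagRsaSha256, sig)
	fmt.Printf("% x\nhonored=%v\n", buildSignRequest([]byte("K"), []byte("D"), flagRsaSha256), ok)
}
```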