Peter Stuge <[email protected]> writes:

> Simon Josefsson wrote:
>> However I think it would be useful to have the ability to do a
>> callback-based public key signing too. One goal here would be to
>> permit private keys in-memory rather than on disk, to facilitate
>> process-separation between the process knowing the private key and
>> doing the signing, and the actual libssh2 code.
>
> You just described exactly what an SSH agent does. :)

Yeah, but there are other scenarios that fit that description too, and
being restricted to only implementing the solution through the SSH agent
protocol appears inflexible to me.

>> Thoughts?
>
> I agree it would be nice to allow new and cool agent solutions. Just
> like we discussed to potentially have SFTP be separate from (but
> close to) libssh2 I think it would make sense to have a separate
> development effort for agent development. It makes a lot of sense to
> me because it will be a much smaller code base which is thus easier
> to review and possibly certify for those with such needs.

Yup.

/Simon
