Jakub Jelen <> changed:

           What    |Removed                     |Added
                 CC|                            |

--- Comment #2 from Jakub Jelen <> ---
Using ssh-keygen to generate keys on PKCS#11 device is interesting
idea, that I would clearly welcome to avoid using many other tools to
generate keys on smart cards.

But I don't think referring to this key using external file is a way to
go. Can it be done without it? It would simplify the patch by a great

Also I don't think that the generated key should have the CKA_DECRYPT
attribute set, if it should be used for SSH.

Otherwise, the key-generation changes look reasonable.

You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
openssh-bugs mailing list

Reply via email to