https://bugzilla.mindrot.org/show_bug.cgi?id=2075

Jakub Jelen <jje...@redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jje...@redhat.com

--- Comment #2 from Jakub Jelen <jje...@redhat.com> ---
Using ssh-keygen to generate keys on PKCS#11 device is interesting
idea, that I would clearly welcome to avoid using many other tools to
generate keys on smart cards.

But I don't think referring to this key using external file is a way to
go. Can it be done without it? It would simplify the patch by a great
deal.

Also I don't think that the generated key should have the CKA_DECRYPT
attribute set, if it should be used for SSH.

Otherwise, the key-generation changes look reasonable.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

Reply via email to