gpg-agent doesn't pick up ssh certificates
Closed, DuplicatePublic


Although this isn't needed locally since ssh automatically picks up
id_*, the forwarded agent (ssh -A) does not know about the
certificates and won't forward them to the remote host.

This is currently blocking me sshing via bastion boxes.


jordan created this task.Dec 4 2017, 5:33 PM
werner added a subscriber: werner.Dec 4 2017, 8:04 PM

There is request to add support for ssh-certs to gpg-agent: T1756. Right now gpg-agent can only extract the public key from the certificiates and nothing more. The gpg-agent speaks the ssh-agent protocol and as such does not know anything about files uses by ssh to store certificates.

werner triaged this task as Normal priority.