Although this isn't needed locally since ssh automatically picks up
id_*-cert.pub, the forwarded agent (ssh -A) does not know about the
certificates and won't forward them to the remote host.
This is currently blocking me sshing via bastion boxes.
Status | Assigned | Task
---|---|---
Duplicate | None | T3574 gpg-agent doesn't pick up ssh certificates
Open | None | T1756 gpg-agent doesn't accept ssh certificates
There is a request to add support for ssh-certs to gpg-agent: T1756. Right now gpg-agent can only extract the public key from the certificates and nothing more. The gpg-agent speaks the ssh-agent protocol and as such does not know anything about files used by ssh to store certificates.
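
As an added illustration (not part of the original thread and not GnuPG or OpenSSH code): in the ssh-agent protocol, an agent that holds a certificate lists it as an identity whose key type ends in `-cert-v01@openssh.com`. The Python sketch below parses an `SSH_AGENT_IDENTITIES_ANSWER` body and flags which identities are certificates; the sample message and all helper names are constructed for this example.

```python
import struct

SSH_AGENT_IDENTITIES_ANSWER = 12           # message type from the ssh-agent protocol
CERT_SUFFIX = "-cert-v01@openssh.com"      # OpenSSH certificate key types end with this

def read_string(buf, off):
    """Read one SSH 'string' (uint32 length + bytes); return (value, next offset)."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    if off + n > len(buf):
        raise ValueError("truncated string")
    return buf[off:off + n], off + n

def parse_identities_answer(msg):
    """Parse an IDENTITIES_ANSWER body (outer uint32 length already removed).
    Returns a list of (key_type, comment, is_certificate) tuples."""
    if len(msg) < 5 or msg[0] != SSH_AGENT_IDENTITIES_ANSWER:
        raise ValueError("not an SSH_AGENT_IDENTITIES_ANSWER")
    (count,) = struct.unpack_from(">I", msg, 1)
    off, identities = 5, []
    for _ in range(count):
        blob, off = read_string(msg, off)       # public key or certificate blob
        comment, off = read_string(msg, off)
        key_type = read_string(blob, 0)[0].decode("ascii")  # blob starts with its type
        identities.append((key_type, comment.decode("utf-8", "replace"),
                           key_type.endswith(CERT_SUFFIX)))
    return identities

def ssh_string(data):
    """Encode bytes as an SSH 'string' (helper for building the sample)."""
    return struct.pack(">I", len(data)) + data

def build_sample_answer():
    """Constructed sample: one plain key and one certificate identity. The blob
    bodies are dummy bytes, not valid keys; only the leading type string is read."""
    plain = ssh_string(b"ssh-ed25519") + ssh_string(b"\x00" * 32)
    cert = ssh_string(b"ssh-ed25519-cert-v01@openssh.com") + ssh_string(b"\x01" * 32)
    entries = [(plain, b"user@laptop"), (cert, b"user@laptop (certificate)")]
    body = b"".join(ssh_string(k) + ssh_string(c) for k, c in entries)
    return bytes([SSH_AGENT_IDENTITIES_ANSWER]) + struct.pack(">I", len(entries)) + body

if __name__ == "__main__":
    for key_type, comment, is_cert in parse_identities_answer(build_sample_answer()):
        print(f"{'CERT' if is_cert else 'KEY '}  {key_type}  {comment}")
```

An agent that answers with only plain key types, as described in this task, leaves the remote end of a forwarded connection with no certificate identity to offer.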