As it is documented in keyformat.txt, we should support "Use-for-ssh" flag, so that we won't need a line in sshcontrol.
Description
Description
Revisions and Commits
Revisions and Commits
| rG GnuPG | |||
| rGd86b6c28fcca agent,ssh: Support "Use-for-ssh" flag in private key. | |||
| rGef3e5fd40377 agent: Factor out handling scanning over ssh keys. | |||
| Status | Assigned | Task | ||
|---|---|---|---|---|
| Resolved | • gniibe | T5984 gpg-agent interaction improvement (smartcard improvement #3) | ||
| Resolved | • gniibe | T5985 private-key: Support "Use-for-ssh" flag |
Event Timeline
Comment Actions
This is an experimental patch to support "Use-for-ssh":
I'm afraid that how to define clear semantics of "Use-for-ssh".
When it's a key of OPENPGP.3 on card, which naturally expresses it's a key for SSH, having this flag means that adding meaning of "it will prompt you when your card/token is not inserted".
Related to T5987.
Comment Actions
With the change for T5996 applied, the semantics is clear. "Use-for-ssh" flag is a key not for "OpenPGP.3", but other keys (not only OpenPGP.[12], but also for normal keys.)
Pushed the change for this feature.
Comment Actions
We removed assuming "OPENPGP.3" means for ssh.
So, "Use-for-ssh" is literally as it expresses.