(ssh|gpg)-agent

Joseph Bruni jbruni@mac.com
Wed Apr 30 03:14:02 2003


If you were to try to use the Agent Forwarding feature, wouldn't that 
be (potentially) a lot of data over the wire? Maybe you only need to 
pass the session keys around, instead? Agent forwarding would be really 
cool if you logged in to a remote host and were able to decrypt files 
using a private key that was stored on your local computer's USB 
keychain. I don't think you'd want to pass all the data in this 
scenario.


On Tuesday, April 29, 2003, at 12:30 PM, Werner Koch wrote:

> On Tue, 29 Apr 2003 18:09:59 +0200, Adrian 'Dagurashibanipal' von 
> Bidder said:
>
>> Hmmm. I think it is a great idea - though I would not do it by
>> forwarding the key itself, but by sending the to-be-encrypted data
>> around, thus keeping the secret key on the machine it was originally
>> stored.
>
> I had the same idea when designing the protocol used by gpg-agent.
> This is definitely possible and I would like to implement it as time
> permits.  Either ssh-agent is modified to provide a new channel for
> gpg-agent communication or we implement the ssh-agent stuff in GnuPG.
>
> -- 
>   Nonviolence is the greatest force at the disposal of
>   mankind. It is mightier than the mightiest weapon of
>   destruction devised by the ingenuity of man. -Gandhi
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>