[ssh_x509] HostKey via engine?

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Wed Nov 21 20:20:29 EET 2012


Hi,

Is it possible to store the HostKey on hardware and access it via an openssl
engine?

I did a simple test with the configuration:
  HostKey engine:spyrus:2
where spyrus is an openssl engine for Spyrus Lynks that works fine for 
clients.

But sshd gives this output:
debug1: could not open key file
'/home/ssi/test-spyrus/spyrus-user/server/engine:spyrus:2': No such file or
directory
Could not load host key:
/home/ssi/test-spyrus/spyrus-user/server/engine:spyrus:2
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.

So my impression is that the engine syntax is not supported here.  Is there an
alternative approach?

Thanks,
Andrew




More information about the ssh_x509 mailing list