py-junos-eznc icon indicating copy to clipboard operation
py-junos-eznc copied to clipboard
verified publisher icon Juniper

Allow ssh-agent-based certificate authentication

Open bcollet opened this issue 3 months ago • 0 comments

ncclient v0.7.0 added support to allow supplementing a public key found in an SSH agent with certificate data, if present.

This is useful for certificate authentication when the key material is only accessible through an SSH agent (for PKCS11-backed certificates for instance).

However, the current logic in PyEZ prevents using an ssh-agent while also loading a key or a certificate.

Other similar issues with this logic have been raised in the past, and forcing the ssh-agent to be disabled in certain conditions seems to cause more problems than it solves, if any:

  • #1285
  • #1284
  • #1353

bcollet avatar Sep 24 '25 06:09 bcollet