My Agent Wishlist

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Are there any Windows SSH-agent programs with the following property:

When a forwarded public-key authentication request is recieved (from
active agent-forwarding), it pops up a window to confirm the agent
request?  It greatly reduces (but does not eliminate) the danger from
hijacked intermediate machines when agent-forwarding is used.

Likewise, has anyone made (or contemplated making) the following:

A USB "hard drive" device.  The device stores an SSH-agent interface,
SSH tools, and the private, passphrase protected keys.  IT uses a USB
hard-drive interface to allow it to be used anywhere.

The ssh-agent loads the passphrase onto the device, with the device
performing the actual private-key authentication (and, optionally,
only will authenticate if a button is pushed by the user).  The
private keys never leave the device.
Nicholas C. Weaver                       

Site Timeline