ssh-keysign
E911266
ssh-keysign is an OpenSSH helper program used by the SSH client to perform host-based authentication by securely signing data with host keys.
All labels observed (1)
| Label | Occurrences |
|---|---|
| ssh-keysign canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T11216200 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
NED1
Entity disambiguation (via context triple)
gpt-5-mini-2025-08-07
Target entity: ssh-keysign Context triple: [OpenSSH, component, ssh-keysign]
-
A.
Universal SSH Key Manager
Universal SSH Key Manager is an enterprise security solution for discovering, managing, and auditing SSH keys to control access and reduce cryptographic risk across large IT environments.
-
B.
gpg-agent
gpg-agent is a background daemon for GNU Privacy Guard that securely manages private keys and handles cryptographic operations such as signing and decryption.
-
C.
SSH
SSH (Secure Shell) is a cryptographic network protocol used to securely access, manage, and transfer data between remote computers over unsecured networks.
-
D.
SSH
SSH is the IATA airport code for Sharm El Sheikh International Airport, a major tourist gateway on Egypt’s Red Sea coast.
-
E.
SSH KEXINIT message
The SSH KEXINIT message is a protocol packet used during SSH session setup to exchange and negotiate key exchange, encryption, and other security-related algorithms between client and server.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
NED2
Entity disambiguation (via description)
gpt-5-mini-2025-08-07
Target entity: ssh-keysign Target entity description: ssh-keysign is an OpenSSH helper program used by the SSH client to perform host-based authentication by securely signing data with host keys.
-
A.
Universal SSH Key Manager
Universal SSH Key Manager is an enterprise security solution for discovering, managing, and auditing SSH keys to control access and reduce cryptographic risk across large IT environments.
-
B.
gpg-agent
gpg-agent is a background daemon for GNU Privacy Guard that securely manages private keys and handles cryptographic operations such as signing and decryption.
-
C.
SSH
SSH (Secure Shell) is a cryptographic network protocol used to securely access, manage, and transfer data between remote computers over unsecured networks.
-
D.
SSH
SSH is the IATA airport code for Sharm El Sheikh International Airport, a major tourist gateway on Egypt’s Red Sea coast.
-
E.
SSH KEXINIT message
The SSH KEXINIT message is a protocol packet used during SSH session setup to exchange and negotiate key exchange, encryption, and other security-related algorithms between client and server.
- F. None of above. chosen
Statements (46)
| Predicate | Object |
|---|---|
| instanceOf |
OpenSSH helper program
ⓘ
software program ⓘ |
| authenticates | client host to remote server ⓘ |
| category |
SSH authentication helper
ⓘ
cryptographic utility ⓘ |
| communicationMethod |
standard input
ⓘ
standard output ⓘ |
| distribution |
OpenBSD base system
NERFINISHED
ⓘ
most Linux distributions with OpenSSH ⓘ |
| doesNot |
read user private keys
ⓘ
run as a standalone interactive program ⓘ |
| implements | host-based authentication protocol ⓘ |
| introducedFor | supporting SSH host-based authentication without exposing host keys to users ⓘ |
| invokedBy | ssh ⓘ |
| license | BSD-style license ⓘ |
| maintainedBy | OpenSSH developers ⓘ |
| manPage | ssh-keysign(8) ⓘ |
| operatesAt | application layer ⓘ |
| partOf | OpenSSH NERFINISHED ⓘ |
| performs | cryptographic signing ⓘ |
| programmingLanguage | C ⓘ |
| readsConfigurationFrom |
/etc/ssh/ssh_config
ⓘ
~/.ssh/config ⓘ |
| readsHostKeysFrom |
/etc/ssh/ssh_host_ecdsa_key
ⓘ
/etc/ssh/ssh_host_ed25519_key ⓘ /etc/ssh/ssh_host_rsa_key ⓘ |
| requires | access to system host private keys ⓘ |
| requiresOption |
EnableSSHKeysign yes
ⓘ
HostbasedAuthentication yes ⓘ |
| runsOn |
FreeBSD
NERFINISHED
ⓘ
Linux ⓘ OpenBSD NERFINISHED ⓘ Unix-like operating systems ⓘ macOS NERFINISHED ⓘ |
| securityGoal | protect host private keys from exposure to ssh client process ⓘ |
| securityModel | setuid root helper ⓘ |
| signsWith | host keys ⓘ |
| supports |
ecdsa-sha2-nistp256 host keys
ⓘ
ecdsa-sha2-nistp384 host keys ⓘ ecdsa-sha2-nistp521 host keys ⓘ ssh-ed25519 host keys ⓘ ssh-rsa host keys ⓘ |
| upstreamProject | OpenSSH Portable NERFINISHED ⓘ |
| usedBy | ssh client ⓘ |
| usedFor | host-based authentication ⓘ |
| uses | OpenSSH libssh codebase NERFINISHED ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
Instruction
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Input
Subject: ssh-keysign Description of subject: ssh-keysign is an OpenSSH helper program used by the SSH client to perform host-based authentication by securely signing data with host keys.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.