by pinhead26 2322 days ago
The Goosig (extra blinding crypto) is also optional. With the --bare flag, it's just a signature.

Try it please :) I've spent several hours around this option.
I've explained above why it cannot work, but I'm still digging for an alternative that wouldn't consist of revealing the private key.
More feedback, if I understood it right: if you extract the findNonces function, dump the 1500 files of 512 bytes, transfer them to a machine that has the ssh private key, then you should be able to sign without risking anything (encryption is RSA-OAEP), because your private key wouldn't touch the software.