Correctly set flags when talking with agent and set correct signature algorithms with RSA SHA2 certificates
The testsuite fails now, because of (to my best understanding) a bug in OpenSSH ssh-agent, which does not generate correct signatures upon providing valid flags, therefore proposing these patches separately as they "break compatibility".