Dear friends, First, thanks for helping me on ssh default option for smartcards. I recompiled SSH from CVS and it seems to work. I still have problems with: ssh-add -s /usr/lib/opensc-pkcs11.so Enter passphrase for PKCS#11: (I enter PIN code) SSH_AGENT_FAILURE Could not add card: /usr/lib/opensc-pkcs11.so pkcs11-tool --slot 1 -O Public Key Object; RSA 2048 bits label: Public Key ID: 7645d913d5***********54816ff02324c23a7ebf4 Usage: none Certificate Object, type = X.509 cert label: CAcert WoT User's Root CA ID ID: 7645d913d5***********54816ff02324c23a7ebf4 Public Key Object; RSA 2048 bits label: Public Key ID: 6d0534d04a***********49967a2e33571deec58 Usage: none Certificate Object, type = X.509 cert label: StartCom Free Certificate Member's StartCom Ltd. ID ID: 6d0534d04a***********49967a2e33571deec58 ps aux | grep ssh-agent jmpoure 2520 0.0 0.0 20420 600 ? Ss 09:04 0:00 /usr/bin/ssh-agent /usr/bin/gpg-agent --daemon --sh --write-env-file=/home/jmpoure/.gnupg/gpg-agent-info-acer /usr/bin/dbus-launch --exit-with-session /usr/bin/seahorse-agent --execute gnome-session I suspect this is not the right ssh-agent. Any idea? Kind regards, Fran?ois
On Thu, 2010-04-08 at 18:25 +0200, Markus Friedl wrote:> does > ssh-keygen -D /usr/lib/opensc-pkcs11.so > print the public keys?Yes, it does : ssh-keygen -D /usr/lib/opensc-pkcs11.so ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMd48TfLhCcr3QB**************************************3gB4+Zb4h0HS5+EhJiQSZFz5xgdBO7BqowucgYYHr3RX7S+PqNXcp/XO67piNQAn3SFiG01wa0tPXeNqcsA9+r7A2RDGPaLrzbiDpTboMPjyrnZi3b1AFTr/zK7mtb9upaed0aZdx9FFu/w6l7P5KsndWgP ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnsHHbRxDrWQOfj90ybrJbT088FrwojJFHxWPKl1LtnGBSKeTAAzsWst9WcRSao4mF+UDEX6yYCSmVFzWY2xHq0yxoux3xWYu5e***********************************************Ff19FrWaMF25ul+gLFa4iyCykdNI7DvKGUNfIp/KoeHz5yVjiToKtOc+31TZAHcLcBKeUmxCQtyrsR9EQ7MeKHsfot4xotz6YqE/RPve+1dAvTl> you could also try to start the ssh-agent w/debugging: > > first terminal: > % ssh-agent -d > SSH_AUTH_SOCK=/tmp/ssh-SYLCbU29yI/agent.24984; export SSH_AUTH_SOCK; > echo Agent pid 24984;Okay.> other terminal: > % SSH_AUTH_SOCK=/tmp/ssh-SYLCbU29yI/agent.24984; export SSH_AUTH_SOCK; > % ssh-add -s /usr/lib/opensc-pkcs11.so > % ssh-add -LSSH_AUTH_SOCK=/tmp/ssh-SYLCbU29yI/agent.24984; export SSH_AUTH_SOCK; jmpoure at acer:~$ ssh-add -s /usr/lib/opensc-pkcs11.so Could not open a connection to your authentication agent. jmpoure at acer:~$ ssh-add -L Could not open a connection to your authentication agent. Houston, we have a problem :) Kind regards
Possibly Parallel Threads
- [Bug 1751] New: ssh-add -s /usr/lib/opensc-pkcs11.so does not work
- [Bug 1736] New: OpenSSH doesn't seem to work with my MuscleCard PKCS#11 library
- OpenSC smartcard access should use raw public keys, not X.509 certificates
- [Bug 221] New: updates for OpenSC support
- [Bug 221] updates for OpenSC support