I'm trying the new feature "ssh-keygen(1) now supports signing
using a CA key that has been stored in a PKCS#11 token".
According to the manpage, I should use "-D" option. And I had a
with this option.
root at ubuntu-desktop[/home/adam/temp7]#ssh-keygen -s ca_key.pub -D
libpkcs11.so -I key_id id_rsa.pub
dlopen libpkcs11.so failed: libpkcs11.so: cannot open shared object file: No
such file or directory
cannot read public key from pkcs11
I searched on my ubuntu server but found no libpkcs11.so. Also, I searched
online, and didn't find too much help.
Do I need to download the source of pkcs11, then compile and install on my
mahine? If yes, where could I get the source.
Or I misunderstood the new feature, and it should not be used in this way?
Thanks in advance.