I'm attaching a patch to allow ssh client to get a pin from the command line when using a smartcard. Most of it is from a patch by Danny De Cock <godot () ulyssis ! org>, but I've used the ssh read_passphrase function instead. Any errors are mine, I'm sure. This enables ssh -I 0 to use a pin-protected smartcard via opensc. Thanks, Kevin Stefanik -------------- next part -------------- A non-text attachment was scrubbed... Name: openssh-3.5p1-opensc-get_pin.patch.bz2 Type: application/x-bzip2 Size: 655 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20030508/83a1c785/attachment.bin
i think that if you want to use pin protected cards the ssh-agent should be used. ssh-add will prompt for the pin. On Thu, May 08, 2003 at 04:31:23PM -0400, Kevin Stefanik wrote:> I'm attaching a patch to allow ssh client to get a pin from the command line > when using a smartcard. Most of it is from a patch by Danny De Cock > <godot () ulyssis ! org>, but I've used the ssh read_passphrase function > instead. Any errors are mine, I'm sure. > > This enables ssh -I 0 to use a pin-protected smartcard via opensc. > > Thanks, > Kevin Stefanik
+ sprintf (buf, "Enter PIN [%s]: ", obj->label); never ever use sprintf, please.
Forgot the list... ---------- Forwarded Message ---------- Subject: Re: get_pin for scard-opensc.c Date: Friday 09 May 2003 09:41 am From: Kevin Stefanik <kstef at mtppi.org> To: Markus Friedl <markus at openbsd.org> On Thursday 08 May 2003 06:21 pm, you wrote:> + sprintf (buf, "Enter PIN [%s]: ", obj->label); > > never ever use sprintf, please.Thank you for your polite restraint. Kevin PS: I also fixed a possible memory leak on sc_pin if pin verification failed. ------------------------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: openssh-3.5p1-opensc-get_pin.patch Type: text/x-diff Size: 2443 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20030509/13df4835/attachment.bin