Displaying 3 results from an estimated 3 matches for "default_pkcs11_whitelist".
2016 Dec 28
2
DEFAULT_PKCS11_WHITELIST on 64-bit Linux systems
Hello,
On RHEL 6/amd64, the stock value for DEFAULT_PKCS11_WHITELIST is not
very useful. On such systems, /usr/lib64/* would need to be added to the
pattern list. Although users can specify the -P option every time they
launch ssh-agent, it might be nice to provide a means to specify a
default whitelist at build-time.
It's tempting to suggest that configure sho...
2017 Jan 03
2
DEFAULT_PKCS11_WHITELIST on 64-bit Linux systems
On 12/30/2016 02:40 AM, Damien Miller wrote:
> On Wed, 28 Dec 2016, Iain Morgan wrote:
>
>> Hello,
>>
>> On RHEL 6/amd64, the stock value for DEFAULT_PKCS11_WHITELIST is not
>> very useful. On such systems, /usr/lib64/* would need to be added to the
>> pattern list. Although users can specify the -P option every time they
>> launch ssh-agent, it might be nice to provide a means to specify a
>> default whitelist at build-time.
>>
>...
2017 Oct 26
3
[RFC 0/2] add engine based keys
Engine keys are private key files which are only understood by openssl
external engines. ?The problem is they can't be loaded with the usual
openssl methods, they have to be loaded via ENGINE_load_private_key().
?Because they're files, they fit well into openssh pub/private file
structure, so they're not very appropriately handled by the pkcs11
interface because it assumes the private