search for: pkcs11_termin

...in various files if <sys/socket.h> and/or <netinet/ip.h> are multiply defined, because of "includes.h". edit config.h to #define BROKEN_READV_COMPARISON #undef HAVE_TYPE_IN_UTMP #define DISABLE_UTMPX #undef ENABLE_PKCS11 in ssh-keygen.c remove references to pkcs11_init and pkcs11_terminate on lines 1410 and 1493. to get sshd working one has to either set "UsePrivilegeSeparation no" or "Compression no" in sshd_config. I finally went with "Compression no". I hope this report is helpful for some people, although I am quite sure that the number of ULTR...

...e system I'm using lacks dlopen, PKCS11 isn't available and therefore fails with this.... ssh-keygen.c: In function 'do_ca_sign': ssh-keygen.c:1410:2: warning: implicit declaration of function 'pkcs11_init' ssh-keygen.c:1493:2: warning: implicit declaration of function 'pkcs11_terminate' m68k-atari-mint-gcc -o ssh-keygen ssh-keygen.o -L. -Lopenbsd-compat/ -fstack-protector-all -lssh -lopenbsd-compat -lssl -lcrypto -lz -lz -lpthread ssh-keygen.o:ssh-keygen.o:(.text+0x48b2): undefined reference to `_pkcs11_init' ssh-keygen.o:ssh-keygen.o:(.text+0x4c62): undefined refe...

Hello, The version 0.11 of "PKCS#11 support in OpenSSH" is published. Changes: 1. Updated against OpenSSH 4.3p2. 2. Modified against Roumen Petrov's X.509 patch (version 5.4), so self-signed certificates are treated by the X.509 patch now. 3. Added --pkcs11-x509-force-ssh if X.509 patch applied, until some issues with the X.509 patch are resolved. 4. Fixed issues with gcc-2. You

Hi list, I have no idea if Damien Miller had the time to work on that. I have an initial patch to authenticate using PKCS#11 and ECDSA keys. This requires OpenSSL 1.0.2, prior OpenSSL versions do not expose the required interfaces to override the signature function pointer for ECDSA. The only limitation is that the OpenSSL API misses some cleanup function (finish, for instance), hence I have yet