Displaying 9 results from an estimated 9 matches for "pkcs15".
Did you mean:
pkcs11
2002 Oct 17
2
playing with smartcard: rsa key upload?
I began playing with smartcard support and enabled this in openssh-3.5p1
on linux.
The -U (upload) option unfortunately doesn't work yet with ssh-keygen:
$ ssh-keygen -U 0
Enter file in which the key is (/home/user/.ssh/id_rsa):
key uploading not yet supported
Is there a tool to upload an openssh rsa key to a smart card so that I can
use it with ssh -I later on? Should I just upload it as a
2005 Apr 02
3
OpenSSH and Smartcard
...mpute_signature: returning with:
Security status not satisfied card-etoken.c:175:etoken_check_sw:
required access right not granted
card-etoken.c:631:do_compute_signature: returning with: Security status
not satisfied sec.c:53:sc_compute_signature: returning with: Security
status not satisfied pkcs15-sec.c:285:sc_pkcs15_compute_signature:
sc_compute_signature() failed: Security status not satisfied
sc_pkcs15_compute_signature() failed: Security status not satisfied
ssh_rsa_sign: RSA_sign failed: error:00000000:lib(0):func(0):reason(0)
This is happen because openssh never prompt for the pin....
2016 Dec 01
1
CentOS 6, firefox, PIV cards
...n
move it away, it's a blank window. Pull out the card, and *some* of the
time, it pops up the window showing no certs, having never asked for a
PIN. The rest of the time, firefox crashes, hard.
I know the pcscd part works - I used it via a script this morning from
the command line, as does pkcs15-tool from the command line.
Anyone got any clues? Maybe I should downgrade (if I can) firefox?
mark
2016 Dec 07
1
CentOS 6, firefox, PIV cards
...a blank window. Pull out the card, and *some* of the
> time, it pops up the window showing no certs, having never asked for a
> PIN. The rest of the time, firefox crashes, hard.
>
> I know the pcscd part works - I used it via a script this morning from
> the command line, as does pkcs15-tool from the command line.
>
> Anyone got any clues? Maybe I should downgrade (if I can) firefox?
>
Additional info: I tried bringing up firefox with two other profiles. One
didn't have coolkey as a security device, but when I tried to add it, it
responded with "cannot add mod...
2003 Jul 23
1
[Bug 621] scard-opensc.c: more than one private key object for a certificate
...certificate (i.e. public key). For example some
cards OSs do not support signing and decryption with one private key object
=> if you want to use the same key for signing and decryption you need
two copies of the key (one for signing and one for decryption).
Currently scard-opensc.c uses the sc_pkcs15_find_prkey_by_id function to get
the private key object (specified by the pkcs15 id) but this function returns
only the first private key object found. It would be better to use the
sc_pkcs15_find_prkey_by_id_usage function and search for a private key
with the desired capability (see attached patc...
2011 Feb 17
1
PKCS11: selecting which key to use
...n (not subscribed, please CC) to ask if it's planned to
add "identity selection" when using a PKCS#11 provider.
To be more clear: I have a (working) reader+smartcard, handled by
PKCS11Provider /usr/lib/opensc-pkcs11.so
statement in config file.
Card is "formatted" w/ "pkcs15-init -C", and got a couple PINs, some
mail certs and some keypairs added.
Seems it works as expected *IF* the only (or first) on-card keypair is
the one to be used for SSH. If it's after other keys/certs there's no
way (I know of) to avoid testing all the preceeding keys (that's r...
2009 Mar 26
0
Processed: updating submitter e-mail address
...; submitter 486747 !
Bug#486747: pbuilder-uml should not always copy in /etc/resolv.conf, hostname, hosts.
Changed Bug submitter from Daniel Kahn Gillmor <dkg-debian.org at fifthhorseman.net> to Daniel Kahn Gillmor <dkg at fifthhorseman.net>.
> submitter 487159 !
Bug#487159: opensc: pkcs15-init --store-pin prompts about undocumented transport keys
Changed Bug submitter from Daniel Kahn Gillmor <dkg-debian.org at fifthhorseman.net> to Daniel Kahn Gillmor <dkg at fifthhorseman.net>.
> submitter 487191 !
Bug#487191: opensc: pkcs15-tool --store-certificate expects the key...
2005 Nov 01
3
PKCS#11 support for openssh
Hello OpenSSH developers,
A week ago I've posted a patch that enables openssh to work
with PKCS#11 tokens.
I didn't receive any comments regarding the patch or reply
to my questions.
In current software world, providing a security product that
does not support standard interface for external
cryptographic hardware makes the product obsolete.
Please comment my patch, so I can know
2006 Aug 30
30
Testing for the 4.4p1 release
Hi,
The 4.4p1 release is approaching now, so we are now asking people to
actively test snapshots or CVS and report back to the mailing list.
Snapshots are available from http://www.mindrot.org/openssh_snap or
from any of the mirrors listed on http://www.openssh.org/portable.html
The latter page also includes instructions for checking out portable
OpenSSH via anonymous CVS.
This release