similar to: recent sc_get_key_label changes in the CVS

http://bugzilla.mindrot.org/show_bug.cgi?id=591 Summary: use PKCS#15 private key label as a comment in case of OpenSC Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: Smartcard AssignedTo:

http://bugzilla.mindrot.org/show_bug.cgi?id=584 Summary: scard-opensc.c doesn't work without PIN Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Smartcard AssignedTo: openssh-bugs at mindrot.org ReportedBy:

http://bugzilla.mindrot.org/show_bug.cgi?id=577 Summary: bug (wrong flag) in sc_private_decrypt (scard-opensc.c) Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Smartcard AssignedTo: openssh-bugs at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=621 Summary: scard-opensc.c: more than one private key object for a certificate Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Smartcard AssignedTo:

http://bugzilla.mindrot.org/show_bug.cgi?id=589 Summary: scard-opensc.c: load only those keys for which there's a private key Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: Smartcard

Hi, I think there's a small bug in sc_private_decrypt in scard-opensc.c (see attached patch). The 'flags' parameter in the sc_pkcs15_decipher function call should be set to SC_ALGORITHM_RSA_PAD_PKCS1 and not to 0. If flags == 0 then sc_pkcs15_decipher uses RSA raw as a default method which has (at least) two drawbacks a) not all cards support RSA raw and b) sc_pkcs15_decipher does not

http://bugzilla.mindrot.org/show_bug.cgi?id=1294 Summary: includes.h should pull in string.h based on HAVE_STRING_H Product: Portable OpenSSH Version: 4.6p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: bitbucket

Hi, sorry, I'm not on the list, so please answer directly. I use opensc-0.7.0 and pcsc-lite-1.1.1 under FreeBSD 4.6 with Gemplus 410 and 430 smartcard readers and Schlumberger cryptoflex smartcards. I used openssh-3.2.2p1 but the relevant file scard-opensc.c is unchanged in 3.4. RSA authentication to a remote host running opensshd did not work with the smartcard. Investigating the problem

Hello, PKCS#11 is a standard API interface that can be used in order to access cryptographic tokens. You can find the specification at http://www.rsasecurity.com/rsalabs/node.asp?id=2133, most smartcard and other cryptographic device vendors support PKCS#11, opensc also provides PKCS#11 interface. I can easily make the scard.c, scard-opensc.c and ssh-agent.c support PKCS#11. PKCS#11 is

Hi All. While wandering in auth-pam.c I noticed that there's a few Portable-specific escapees from the xmalloc(foo * bar) cleanup. There's also a "probably can't happen" integer overflow in ssh-rand-helper.c with the memset: num_cmds = 64; - entcmd = xmalloc(num_cmds * sizeof(entropy_cmd_t)); + entcmd = xcalloc(num_cmds, sizeof(entropy_cmd_t));

Hi, I just released a very simple patch to openssh 5.2p1 in order to correct the pin code problem when using smartcards. This patch file include the patch for: scard.c scard.h scard-opensc.c ssh.c Cheers, Pascal

Moin, attached is a patch, which adds a new configuration option "PreferAskpass" to the ssh config. ssh{,-add,-keygen,-agent} will use ssh-askpass to prompt for passwords, if this option is set to "yes", and if ssh-askpass is available. Default for "PreferAskpass" is "no". Pacth is against current CVS. Sebastian -- signature intentionally left blank.

https://bugzilla.mindrot.org/show_bug.cgi?id=1498 Summary: OpenSC smartcard access should use raw public keys, not X.509 certificates Classification: Unclassified Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: Linux Status: NEW Keywords: patch Severity: normal

I'm trying to add an ENGINE to OpenSSH, and am looking at scard.c and scard-opensc.c as an example. I have a couple of questions -- 1. in both of them, in sc_get_engine(), the returned ENGINE is declared static, but it's overwritten each call. Is sc_get_engine intended to be called only once? When is ENGINE_free() called? 2. Where is the returned ENGINE used? Where is

I'm attaching a patch to allow ssh client to get a pin from the command line when using a smartcard. Most of it is from a patch by Danny De Cock <godot () ulyssis ! org>, but I've used the ssh read_passphrase function instead. Any errors are mine, I'm sure. This enables ssh -I 0 to use a pin-protected smartcard via opensc. Thanks, Kevin Stefanik -------------- next part

I'm tracking some custom OpenSSH changes (based on 4.3p2) in a local CVS repository and have run into a few problems... mainly (I believe) because of the .cvsignore files. Keep in mind the main idea here is to commit the OpenSSH source without changes, tag, then add my custom changes and add a new tag. I can probably fix these by making local modes, but I'm just wondering if there

Hello- I'm testing the current versions on UnixWare 2.x and have run into the following problems: After downloading the nightly snapshot, untar fails with "Directory Checksum error". Gunzip is successful, but the tar fails. Failing the snapshot extraction, I checked out a clean copy from the CVS. Configure fails when it hits the "/scard" directory, which is empty. I

Hi, I did a CVS checkout this morning to patch sftp.c for Jon Grant's recent sftp request, but there seems to be an install problem on Mac OS X 10.5.6 possibly caused by recent changes to configure.ac. For example (most output pruned): % ident configure.ac configure.ac: $Id: configure.ac,v 1.419 2009/03/18 18:25:02 tim Exp $ $Revision: 1.419 $ % autoreconf % ./configure % make gcc

Hi, from ChangeLog: 20030609 - (djm) Sync README.smartcard with OpenBSD -current My I ask why the OpenSC section has been removed ? Note: OpenSSH + OpenSC works for me (at least with a recent OpenSC snapshot). Regards, Nils

Solaris x86 8 autoconf 2.57 autoconf; autoheader; ./configure ....; make all goes fine make install fails on Ssh.bin. scard/Makefile has a commented out target for it - is there some reason for the target being commented out? -- Carson