similar to: OpenSSH and Smartcard

Hi there, has anybody managed to get the eToken Pro Anywhere work with SSH? I'm using the latest SafeNetAuthentication drivers available for Ubuntu 64bit (8.3) and everything is working just fine except for ssh. I can use the eToken for logging in, openvpn, rdestkop, etc. but it seems ssh does not recognize the device properly. The command "ssh -I /usr/lib/libeToken.so.8 user at

Guys, I am not able to get it run. I can not say where is the problem but it seams that the openssh client is not able to get list of rsa key from token. See two logs from pkcs11-spy. one is for "ssh -I" the second is for "pkcs11-tool -O" In the second log there is private_key visible or offered in the first one is not. I use openssh 6.4 version on Linux or Mac. Log from

Dear List, I need to make an Aladdin eToken Pro visible in a Linux guest HVM, but I cannot assign the device to any domU, while it''s being blocked by the dom0. To avoid this trouble I would like to pass the whole USB bus to the domU directly, via PCI passthrough. Now I use xen 3.3.0 from xensource and xen kernel from Ubuntu 8.04 2.6.24-19-xen, because the xensource xen kernel

Hi, sorry, I'm not on the list, so please answer directly. I use opensc-0.7.0 and pcsc-lite-1.1.1 under FreeBSD 4.6 with Gemplus 410 and 430 smartcard readers and Schlumberger cryptoflex smartcards. I used openssh-3.2.2p1 but the relevant file scard-opensc.c is unchanged in 3.4. RSA authentication to a remote host running opensshd did not work with the smartcard. Investigating the problem

https://bugzilla.mindrot.org/show_bug.cgi?id=1773 --- Comment #6 from Sergey Ivanov <evasive.gyron at gmail.com> --- Error is exactly as described by original author. ssh -A -I /usr/lib/libeToken.so -p example.net -vvv OpenSSH_7.1p1, OpenSSL 1.0.2d 9 Jul 2015 debug1: Reading configuration data /etc/ssh/ssh_config debug2: ssh_connect: needpriv 0 debug1: Connecting to example.com

Hello OpenSSH developers, A week ago I've posted a patch that enables openssh to work with PKCS#11 tokens. I didn't receive any comments regarding the patch or reply to my questions. In current software world, providing a security product that does not support standard interface for external cryptographic hardware makes the product obsolete. Please comment my patch, so I can know

https://bugzilla.mindrot.org/show_bug.cgi?id=1773 Summary: PKCS#11 authentication fails with "xmalloc: zero size" for some certificates. Product: Portable OpenSSH Version: 5.5p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Smartcard

OpenSC Release 0.8.0 ==================== We are pleased to announce the availability of OpenSC 0.8.0. OpenSC provides a set of libraries and utilities to access smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as mail encryption, authentication, and digital signature. OpenSC can be used with the following

does anyone know if any repositories have OpenSC built for EL4 ? I've been struggling with building this myself, trying to get an Aladdin eToken working with OpenSSL so we can use it for client authentication of an SSL session.

https://bugzilla.mindrot.org/show_bug.cgi?id=1736 Summary: OpenSSH doesn't seem to work with my MuscleCard PKCS#11 library Product: Portable OpenSSH Version: 5.4p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Smartcard AssignedTo:

Hi all, As stated in the subject, slightly off-topic, as it is not directly a Asterisk issue, but more SIP in general Because security in general, and specifically identification becomes more and more a subject for more concern, and Asterisk is capable of doing sip/TLS, i was wondering what more could be done to improve security. Specially softphones, might it be possible to employ etokens or

anyone know anything about using openssl 0.9.7b in EL4 w/ pkcs#11 supported smartcard/etokens? I need to figure out how to set this up so a webclient application can use token based certificate with a https connection to the tomcat xmlrpc server with a minimum of fuss. the actual client app is in python but will be using m2Crypto which in turn uses openssl. i CAn find lots on login w/

I began playing with smartcard support and enabled this in openssh-3.5p1 on linux. The -U (upload) option unfortunately doesn't work yet with ssh-keygen: $ ssh-keygen -U 0 Enter file in which the key is (/home/user/.ssh/id_rsa): key uploading not yet supported Is there a tool to upload an openssh rsa key to a smart card so that I can use it with ssh -I later on? Should I just upload it as a

Hi, folks, Up until a few weeks ago, it worked as it has been for years: firefox, security device is libcoolkey, and pcscd. Today, I go to use it (I have done updates sine I last used it), and try preferences->advanced->certificates, and it hangs. My most recent try was for over 20 min. If you move something over the window, then move it away, it's a blank window. Pull out the

m.roth at 5-cent.us further wrote: ############## m.roth at 5-cent.us wrote: > Hi, folks, > > Up until a few weeks ago, it worked as it has been for years: firefox, > security device is libcoolkey, and pcscd. > > Today, I go to use it (I have done updates sine I last used it), and > try preferences->advanced->certificates, and it hangs. My most recent > try was

Habe Samba 2.2.3a unter HP-UX 10.20 laufen. (letzte Version die ich f?r 10.20 finden konnte) Bisher lief alles bestens. Jetzt mu? ich XP Prof einbinden. Geht ja, aber bei mehreren Programmen (z.B. Office 2003) st?rzt das Programm beim Speichern ab. Geht das grunds?tzlich mit einer so alten Version nicht oder gibt es einen Workaround? Danke Andi

Hello, I'd like to find a function in the sourcecode which enables me to get the chroot-path of the mailstore, so I can concatenate it with the result of mail_storage_get_mailbox_path to get the full path of a mailbox within the filesystem. Does such a function exist? Who can help me? Thanks in advance. Stefan -- SIEGNETZ.IT GmbH { w3o-services } Schneppenkauten 1a D-57076 Siegen

Hello. Just popping in (not subscribed, please CC) to ask if it's planned to add "identity selection" when using a PKCS#11 provider. To be more clear: I have a (working) reader+smartcard, handled by PKCS11Provider /usr/lib/opensc-pkcs11.so statement in config file. Card is "formatted" w/ "pkcs15-init -C", and got a couple PINs, some mail certs and some keypairs

http://bugzilla.mindrot.org/show_bug.cgi?id=621 Summary: scard-opensc.c: more than one private key object for a certificate Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Smartcard AssignedTo:

Hi together, I am new to this list and new to dovecot itself. I have to write a plugin that implements some ACL-voodoo to be used instead of the standard ACL stuff of dovecot (it shall allow just application-driven folder-sharing - no more, no less). Though I started programming with C, my last experiences are some days old, but now I have written the function sekeletons and the registration