Displaying 20 results from an estimated 10000 matches similar to: "ssh-keygen with libpkcs11.so can't work (Nan)"
2010 Sep 25
1
ssh-keygen with libpkcs11.so can't work
Hi,
I'm trying the new feature "ssh-keygen(1) now supports signing certificate
using a CA key that has been stored in a PKCS#11 token".
According to the manpage, I should use "-D" option. And I had a problem
with this option.
root at ubuntu-desktop[/home/adam/temp7]#ssh-keygen -s ca_key.pub -D
libpkcs11.so -I key_id id_rsa.pub
dlopen libpkcs11.so failed: libpkcs11.so:
2006 Oct 31
0
PSARC 2005/572 PKCS#11 v2.20
Author: izick
Repository: /hg/zfs-crypto/gate
Revision: f7c96af91f148327ba792c8fbcb9e49897664f9c
Log message:
PSARC 2005/572 PKCS#11 v2.20
4920408 PKCS#11 v2.20 support for the Crypto Framework
6287425 residual bzero''s in hmac part of sha2
6287428 add sha2 to the i.kcfconfbase upgrade script
Files:
create: usr/src/common/crypto/blowfish/blowfish_cbc_crypt.c
create:
2006 Oct 31
0
6368332 libpkcs11 should report that it is v2.20 not v2.11
Author: darrenm
Repository: /hg/zfs-crypto/gate
Revision: 14d7bfad76ad917e7df568c6739d34eba6b60a33
Log message:
6368332 libpkcs11 should report that it is v2.20 not v2.11
Files:
update: usr/src/lib/pkcs11/libpkcs11/common/pkcs11Conf.c
update: usr/src/lib/pkcs11/libpkcs11/common/pkcs11Global.h
2007 Nov 08
0
Fix mismerge for libcryptoutil & libpkcs11
Author: Darren Moffat <darrenm at opensolaris.org>
Repository: /hg/zfs-crypto/zfs-crypto-gate
Latest revision: ec659b717bdb149af4dc7a2ac1bc1c152d859b02
Total changesets: 1
Log message:
Fix mismerge for libcryptoutil & libpkcs11
Files:
update: usr/src/lib/libcryptoutil/common/cryptoutil.h
update: usr/src/lib/libcryptoutil/common/mapfile-vers
update:
2018 Jan 05
11
[Bug 2817] New: Add support for PKCS#11 URIs (RFC 7512)
https://bugzilla.mindrot.org/show_bug.cgi?id=2817
Bug ID: 2817
Summary: Add support for PKCS#11 URIs (RFC 7512)
Product: Portable OpenSSH
Version: 7.6p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Smartcard
Assignee: unassigned-bugs at
2013 Mar 06
2
[Bug 2075] New: [PATCH] Enable key pair generation on a PCKS#11 device
https://bugzilla.mindrot.org/show_bug.cgi?id=2075
Bug ID: 2075
Summary: [PATCH] Enable key pair generation on a PCKS#11 device
Classification: Unclassified
Product: Portable OpenSSH
Version: -current
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component:
2018 Feb 26
3
Outstanding PKCS#11 issues
Hello everyone,
as you could have noticed over the years, there are several bugs for
PKCS#11 improvement and integration which are slipping under the radar
for several releases, but the most painful ones are constantly updated
by community to build, work and make our lives better.
I wrote some of the patches, provided feedback to others, or offered
other help here on mailing list, but did not
2011 Sep 02
4
[Bug 1929] New: ssh-keygen fails to build because PKCS11 is not available
https://bugzilla.mindrot.org/show_bug.cgi?id=1929
Bug #: 1929
Summary: ssh-keygen fails to build because PKCS11 is not
available
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.8p2
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
2015 Jul 16
13
[Bug 2430] New: ssh-keygen should allow to login before reading public key from smart card
https://bugzilla.mindrot.org/show_bug.cgi?id=2430
Bug ID: 2430
Summary: ssh-keygen should allow to login before reading public
key from smart card
Product: Portable OpenSSH
Version: 6.9p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
2019 Apr 18
0
Announce: OpenSSH 8.0 released
OpenSSH 8.0 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested
2023 Aug 10
1
Announce: OpenSSH 9.4 released
OpenSSH 9.4 has just been released. It will be available from the
mirrors listed at https://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested
2023 Aug 09
1
Call for testing: OpenSSH 9.4
Compiled on OpenIndiana using GCC 11
:; SunOS 5.11 illumos-2e79e00041 illumos
Although snapshot was downloaded, it shows 9.3 version:
:; ssh -V
OpenSSH_9.3p1-snap20230809, OpenSSL 1.1.1v? 1 Aug 2023
Thanks and regards.
On 31.07.2023 08:12, Damien Miller wrote:
> Hi,
>
> OpenSSH 9.4 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as
2019 Apr 24
2
Call for testing: OpenSSH 8.0
On Sat, 2019-04-06 at 03:20 +1100, Damien Miller wrote:
> On Fri, 5 Apr 2019, Jakub Jelen wrote:
>
> > There is also changed semantics of the ssh-keygen when listing keys
> > from PKCS#11 modules. In the past, it was not needed to enter a PIN
> > for
> > this, but now.
> >
> > At least, it is not consistent with a comment in the function
> >
2006 May 27
2
[ANNOUNCE] PKCS#11 support in OpenSSH 4.3p2 (version 0.11)
Hello,
The version 0.11 of "PKCS#11 support in OpenSSH" is published.
Changes:
1. Updated against OpenSSH 4.3p2.
2. Modified against Roumen Petrov's X.509 patch (version
5.4), so self-signed certificates are treated by the X.509
patch now.
3. Added --pkcs11-x509-force-ssh if X.509 patch applied,
until some issues with the X.509 patch are resolved.
4. Fixed issues with gcc-2.
You
2015 Jul 14
2
[Bug 2427] New: ssh keygen is trying to read uninitialized slots on smart card (and is failing)
https://bugzilla.mindrot.org/show_bug.cgi?id=2427
Bug ID: 2427
Summary: ssh keygen is trying to read uninitialized slots on
smart card (and is failing)
Product: Portable OpenSSH
Version: 6.9p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
2006 Oct 31
0
PSARC 2006/214 Crypto Framework random number API/SPI update
Author: mcpowers
Repository: /hg/zfs-crypto/gate
Revision: 96cccf53906cb9bb5a733b8ca426f5f511392252
Log message:
PSARC 2006/214 Crypto Framework random number API/SPI update
6374503 C_SeedRandom is too slow causing poor performance with Apache/OpenSSL when using pkcs11
Files:
update: usr/src/lib/pkcs11/libpkcs11/common/metaGeneral.c
update: usr/src/lib/pkcs11/libpkcs11/common/metaGlobal.h
2005 Oct 22
2
openssh PKCS#11 support
Hello All,
As I promised, I've completed and initial patch for openssh
PKCS#11 support. The same framework is used also by openvpn.
I want to help everyone who assisted during development.
This patch is based on the X.509 patch from
http://roumenpetrov.info/openssh/ written by Rumen Petrov,
supporting PKCS#11 without X.509 looks like a bad idea.
*So the first question is: What is the
2010 Apr 08
1
ssh-add -s /usr/lib/opensc-pkcs11.so does not work
Dear friends,
First, thanks for helping me on ssh default option for smartcards. I
recompiled SSH from CVS and it seems to work.
I still have problems with:
ssh-add -s /usr/lib/opensc-pkcs11.so
Enter passphrase for PKCS#11: (I enter PIN code)
SSH_AGENT_FAILURE
Could not add card: /usr/lib/opensc-pkcs11.so
pkcs11-tool --slot 1 -O
Public Key Object; RSA 2048 bits
label: Public Key
ID:
2023 Jul 31
5
Call for testing: OpenSSH 9.4
Hi,
OpenSSH 9.4 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a bugfix release.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at
2012 Jul 28
1
[PATCH] ssh-keygen: support public key import/export using SubjectPublicKeyInfo
ssh-keygen already supports importing and exporting ssh keys using
various formats.
The "-m PEM" which should have been the easiest to be used with
various of external application expects PKCS#1 encoded key, while
many applications use SubjectPublicKeyInfo encoded key.
This change adds SubjectPublicKeyInfo support, to ease integration
with applications.
Examples:
## convert