similar to: opensc - pkcs#11 smartcard support for EL4

OpenSC Release 0.8.0 ==================== We are pleased to announce the availability of OpenSC 0.8.0. OpenSC provides a set of libraries and utilities to access smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as mail encryption, authentication, and digital signature. OpenSC can be used with the following

https://bugzilla.mindrot.org/show_bug.cgi?id=1773 Summary: PKCS#11 authentication fails with "xmalloc: zero size" for some certificates. Product: Portable OpenSSH Version: 5.5p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Smartcard

https://bugzilla.mindrot.org/show_bug.cgi?id=1498 Summary: OpenSC smartcard access should use raw public keys, not X.509 certificates Classification: Unclassified Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: Linux Status: NEW Keywords: patch Severity: normal

http://bugzilla.mindrot.org/show_bug.cgi?id=591 Summary: use PKCS#15 private key label as a comment in case of OpenSC Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: Smartcard AssignedTo:

Hi, I am not sure if this the right place for the question. Sorry if not ... My System: SuSE 9.2 OpenSSH 3.9p1 I have trouble to use a Smartcard with openssh. If i try to connect directly to the Smartcard, it fails: ssh -I 0:45 localhost card-etoken.c:175:etoken_check_sw: required access right not granted card-etoken.c:631:do_compute_signature: returning with: Security status not satisfied

Hello OpenSSH developers, A week ago I've posted a patch that enables openssh to work with PKCS#11 tokens. I didn't receive any comments regarding the patch or reply to my questions. In current software world, providing a security product that does not support standard interface for external cryptographic hardware makes the product obsolete. Please comment my patch, so I can know

Hello, PKCS#11 is a standard API interface that can be used in order to access cryptographic tokens. You can find the specification at http://www.rsasecurity.com/rsalabs/node.asp?id=2133, most smartcard and other cryptographic device vendors support PKCS#11, opensc also provides PKCS#11 interface. I can easily make the scard.c, scard-opensc.c and ssh-agent.c support PKCS#11. PKCS#11 is

Hi, sorry, I'm not on the list, so please answer directly. I use opensc-0.7.0 and pcsc-lite-1.1.1 under FreeBSD 4.6 with Gemplus 410 and 430 smartcard readers and Schlumberger cryptoflex smartcards. I used openssh-3.2.2p1 but the relevant file scard-opensc.c is unchanged in 3.4. RSA authentication to a remote host running opensshd did not work with the smartcard. Investigating the problem

A non-text attachment was scrubbed... Name: use-public-keys-instead-of-certs-with-opensc.patch Type: text/x-diff Size: 5512 bytes Desc: enable the use of raw public keys on OpenSC-supported smartcards Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20080620/0fbcb856/attachment.bin -------------- next part -------------- A non-text attachment was scrubbed... Name: not

https://bugzilla.mindrot.org/show_bug.cgi?id=1736 Summary: OpenSSH doesn't seem to work with my MuscleCard PKCS#11 library Product: Portable OpenSSH Version: 5.4p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Smartcard AssignedTo:

On Sat, 2020-02-22 at 10:50 -0600, Douglas E Engert wrote: > As a side note, OpenSC is looking at issues with using tokens vs > separate > readers and smart cards. The code paths in PKCS#11 differ. Removing a > card > from a reader leaves the pkcs#11 slot still available. Removing a > token (Yubikey) > removes both the reader and and its builtin smart card. Firefox has a >

Hi all, Thanks for all your hard work! I was particularly excited to see FIDO/U2F support in the latest release. I'd like to make the following bug report in ssh-agent's PKCS#11 support: Steps to reproduce: 1. Configure a smart card (e.g. Yubikey in PIV mode) as an SSH key. 2. Add that key to ssh-agent. 3. Remove that key from ssh-agent. 4. Add that key to ssh-agent. Expected results:

anyone know anything about using openssl 0.9.7b in EL4 w/ pkcs#11 supported smartcard/etokens? I need to figure out how to set this up so a webclient application can use token based certificate with a https connection to the tomcat xmlrpc server with a minimum of fuss. the actual client app is in python but will be using m2Crypto which in turn uses openssl. i CAn find lots on login w/

https://bugzilla.mindrot.org/show_bug.cgi?id=2682 Bug ID: 2682 Summary: ssh-agent is unable to remove smartcard after introducing whitelist Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Keywords: patch Severity: enhancement Priority:

Hello Andreas, On 10/11/05, Andreas Jellinghaus <aj at dungeon.inka.de> wrote: > Peter Koch pointed me to your posting on openssh-devel mailing list. I am very glad that he did. > I'm one of the opensc people, and from my point of view your idea > is a good one. The current openssh-opensc code has a number of issues, > for example the ssh-agent does not test the pin

https://bugzilla.mindrot.org/show_bug.cgi?id=1773 --- Comment #6 from Sergey Ivanov <evasive.gyron at gmail.com> --- Error is exactly as described by original author. ssh -A -I /usr/lib/libeToken.so -p example.net -vvv OpenSSH_7.1p1, OpenSSL 1.0.2d 9 Jul 2015 debug1: Reading configuration data /etc/ssh/ssh_config debug2: ssh_connect: needpriv 0 debug1: Connecting to example.com

Hi All, The version of "PKCS#11 support in OpenSSH" is ready for download. On download page http://alon.barlev.googlepages.com/openssh-pkcs11 you can find a patch for OpenSSH 4.5p1. Most of PKCS#11 code is now moved to a standalone library which I call pkcs11-helper, this library is used by all projects that I added PKCS#11 support into. The library can be downloaded from:

ping. I've been using Alon's patch and following his arguments on this list for a while. I want to add my voice to say that the current opensc support should be completely replaced with pkcs#11 support, since it is the right way to handle smart cards. The use case that my organization wants is to use the TPM chips available in most machines as our primary smartcard mechanism,

http://bugzilla.mindrot.org/show_bug.cgi?id=577 Summary: bug (wrong flag) in sc_private_decrypt (scard-opensc.c) Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Smartcard AssignedTo: openssh-bugs at mindrot.org

Hi there, has anybody managed to get the eToken Pro Anywhere work with SSH? I'm using the latest SafeNetAuthentication drivers available for Ubuntu 64bit (8.3) and everything is working just fine except for ssh. I can use the eToken for logging in, openvpn, rdestkop, etc. but it seems ssh does not recognize the device properly. The command "ssh -I /usr/lib/libeToken.so.8 user at