similar to: [patch] Supporting smartcard readers with PIN entry keypads (updated against -HEAD)

Displaying 20 results from an estimated 300 matches similar to: "[patch] Supporting smartcard readers with PIN entry keypads (updated against -HEAD)"

2014 May 06
0
Supporting smartcard readers with PIN entry keypads
Folks, Find below a minor patch to allow the use of smartcards in readers that have their own PIN entry keypads (Secure PIN entry) such as the SPR332 and most german/medical chipcard devices. Tested on Solaris, FreeBSD and MacOSX against various cards and drivers. I?ve left the pkcs11_interactive check in place. Arguably - with some Secure PIN readers it may be better to move this just in front
2015 Mar 17
2
[patch] Updated patch for pkcs#11 smartcard readers that have a protected PIN path
Some smartcard readers have keypad to enter the PIN securely (i.e. such that it cannot be intercepted by a rogue (ssh) binary. PKCS#11 allows for enforcing this in hardware. Below patch allows for SSH to make use of this; against head/master as of today. Dw. commit 7f0250a8ae6c639a19d4e1e24fc112d5e2e1249a Author: Dirk-Willem van Gulik <dirkx at webweaving.org> Date: Tue Mar 17
2014 May 07
7
[Bug 2240] New: Secure PIN entry for smartcards through the keypad on the reader (patch)
https://bugzilla.mindrot.org/show_bug.cgi?id=2240 Bug ID: 2240 Summary: Secure PIN entry for smartcards through the keypad on the reader (patch) Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5
2015 Mar 31
7
Wanted: smartcard with ECDSA support
Hi list, I have no idea if Damien Miller had the time to work on that. I have an initial patch to authenticate using PKCS#11 and ECDSA keys. This requires OpenSSL 1.0.2, prior OpenSSL versions do not expose the required interfaces to override the signature function pointer for ECDSA. The only limitation is that the OpenSSL API misses some cleanup function (finish, for instance), hence I have yet
2014 Aug 18
15
Call for testing: OpenSSH 6.7
Hi, OpenSSH 6.7 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a big release containing a number of features, a lot of internal refactoring and some potentially-incompatible changes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD:
2014 Jan 28
1
safenet eToken 5100 pkcs11 bug(?)
Guys, I am not able to get it run. I can not say where is the problem but it seams that the openssh client is not able to get list of rsa key from token. See two logs from pkcs11-spy. one is for "ssh -I" the second is for "pkcs11-tool -O" In the second log there is private_key visible or offered in the first one is not. I use openssh 6.4 version on Linux or Mac. Log from
2013 Dec 16
0
[PATCH] allow entering smartcard pin via pinpad
The CKF_PROTECTED_AUTHENTICATION_PATH flag (as returned by C_GetTokenInfo) should be used to decide weather to request the PIN via terminal or let the reader fetch the pin from pinpad. https://bugzilla.mindrot.org/show_bug.cgi?id=2185 The patch is attached to the bug report.
2006 Jul 29
1
uniroot
Hello, I am struggling to find the root of a exponent function. "uniroot" is complaining about a values at end points not of opposite sign? s<- sapply(1:length(w),function(i) + { + + + + + uniroot(saeqn,lower=-5000,upper=0.01036597923,l=list(t=w[i],gp=gp))$root + }) Error in uniroot(saeqn, lower = -5000, upper = 0.01036597923, l = list(t = w[i], : f() values at
2020 Feb 27
2
[PATCH] Readable return codes for pkcs11 identities
Right now, if I typo my PIN for a PKCS#11 token, I get the inscrutable message: $ ssh -I /path/to/module user at example.com Enter PIN for 'SSH key': C_Login failed: 160 I'd prefer to receive a more useful message: Login to PKCS#11 token failed: Incorrect PIN I've attached a patch that adds specific handling for three common error cases: Incorrect PIN, PIN too long or too
2016 Nov 11
10
[Bug 2638] New: Honor PKCS#11 CKA_ALWAYS_AUTHENTICATE attribute of the private objects
https://bugzilla.mindrot.org/show_bug.cgi?id=2638 Bug ID: 2638 Summary: Honor PKCS#11 CKA_ALWAYS_AUTHENTICATE attribute of the private objects Product: Portable OpenSSH Version: 7.3p1 Hardware: Other OS: Linux Status: NEW Keywords: patch Severity: enhancement
2023 Nov 19
2
[Bug 3635] New: ssh-add -s always asks for PKCS#11 PIN
https://bugzilla.mindrot.org/show_bug.cgi?id=3635 Bug ID: 3635 Summary: ssh-add -s always asks for PKCS#11 PIN Product: Portable OpenSSH Version: 9.0p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh-add Assignee: unassigned-bugs at
2016 Jul 25
3
ssh-pkcs11.c
Hi Alon, I confirmed with pkcs11-tool (from OpenSC) and I can confirm that pressing return when asked for the pin causes the login to stop (and not to try a empty pin). Can you confirm if a empty pin is actually a valid pin, and if not, can the patch be accepted? Once again, the problem is that from a user experience, *some/most* users would expect they can skip pkcs11 token authentication just
2012 Apr 03
0
Re: Reg PV-HVM templates
Hi Karthick, For questions like this it''s good to loop in the xen-users list as answers may benefit others too. In terms of how to create an ISO.. that''s not quite the intention of these images. SolusVM intends for you to install the OS from an ISO which it will then manage. This is quite possible but I don''t know much about SolusVM. What you would need to do is: 1.
2018 Feb 26
3
Outstanding PKCS#11 issues
Hello everyone, as you could have noticed over the years, there are several bugs for PKCS#11 improvement and integration which are slipping under the radar for several releases, but the most painful ones are constantly updated by community to build, work and make our lives better. I wrote some of the patches, provided feedback to others, or offered other help here on mailing list, but did not
2005 May 16
2
Telephony keypad
Does anybody know if there are any external telephone-keypads for sale anywhere? (containing the keys 0-9, *, # and onhook/offhook would do) I am looking for a keypad to control a softphone and would prefer the controls to be in the physical world instead of as a window. Sincerely, Markus Hakansson
2013 Dec 16
15
[Bug 2185] New: Allow entering the PIN via reader pinpad
https://bugzilla.mindrot.org/show_bug.cgi?id=2185 Bug ID: 2185 Summary: Allow entering the PIN via reader pinpad Product: Portable OpenSSH Version: 6.4p1 Hardware: All OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Smartcard Assignee: unassigned-bugs at
2015 Sep 28
33
[Bug 2474] New: Enabling ECDSA in PKCS#11 support for ssh-agent
https://bugzilla.mindrot.org/show_bug.cgi?id=2474 Bug ID: 2474 Summary: Enabling ECDSA in PKCS#11 support for ssh-agent Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh-agent Assignee: unassigned-bugs
2020 May 27
0
Announce: OpenSSH 8.3 released
OpenSSH 8.3 has just been released. It will be available from the mirrors listed at https://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested
2016 Dec 24
30
[Bug 2652] New: PKCS11 login skipped if login required and no pin set
https://bugzilla.mindrot.org/show_bug.cgi?id=2652 Bug ID: 2652 Summary: PKCS11 login skipped if login required and no pin set Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: Smartcard Assignee:
2008 Jun 20
2
OpenSC smartcard access should use raw public keys, not X.509 certificates
A non-text attachment was scrubbed... Name: use-public-keys-instead-of-certs-with-opensc.patch Type: text/x-diff Size: 5512 bytes Desc: enable the use of raw public keys on OpenSC-supported smartcards Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20080620/0fbcb856/attachment.bin -------------- next part -------------- A non-text attachment was scrubbed... Name: not