Displaying 20 results from an estimated 300 matches similar to: "[patch] Supporting smartcard readers with PIN entry keypads (updated against -HEAD)"
2014 May 06
0
Supporting smartcard readers with PIN entry keypads
Folks,
Find below a minor patch to allow the use of smartcards in readers that have their own
PIN entry keypads (Secure PIN entry) such as the SPR332 and most german/medical
chipcard devices.
Tested on Solaris, FreeBSD and MacOSX against various cards and drivers.
I?ve left the pkcs11_interactive check in place. Arguably - with some Secure PIN readers
it may be better to move this just in front
2015 Mar 17
2
[patch] Updated patch for pkcs#11 smartcard readers that have a protected PIN path
Some smartcard readers have keypad to enter the PIN securely (i.e. such that it cannot be intercepted by a rogue (ssh) binary.
PKCS#11 allows for enforcing this in hardware. Below patch allows for SSH to make use of this; against head/master as of today.
Dw.
commit 7f0250a8ae6c639a19d4e1e24fc112d5e2e1249a
Author: Dirk-Willem van Gulik <dirkx at webweaving.org>
Date: Tue Mar 17
2014 May 07
7
[Bug 2240] New: Secure PIN entry for smartcards through the keypad on the reader (patch)
https://bugzilla.mindrot.org/show_bug.cgi?id=2240
Bug ID: 2240
Summary: Secure PIN entry for smartcards through the keypad on
the reader (patch)
Product: Portable OpenSSH
Version: -current
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
2015 Mar 31
7
Wanted: smartcard with ECDSA support
Hi list,
I have no idea if Damien Miller had the time to work on that.
I have an initial patch to authenticate using PKCS#11 and ECDSA keys.
This requires OpenSSL 1.0.2, prior OpenSSL versions do not expose the
required interfaces to override the signature function pointer for ECDSA.
The only limitation is that the OpenSSL API misses some cleanup function
(finish, for instance), hence I have yet
2014 Aug 18
15
Call for testing: OpenSSH 6.7
Hi,
OpenSSH 6.7 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a big release
containing a number of features, a lot of internal refactoring and some
potentially-incompatible changes.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
2014 Jan 28
1
safenet eToken 5100 pkcs11 bug(?)
Guys, I am not able to get it run. I can not say where is the problem but it seams that the openssh client is not able to get list of rsa key from token. See two logs from pkcs11-spy. one is for "ssh -I" the second is for "pkcs11-tool -O"
In the second log there is private_key visible or offered in the first one is not.
I use openssh 6.4 version on Linux or Mac.
Log from
2013 Dec 16
0
[PATCH] allow entering smartcard pin via pinpad
The CKF_PROTECTED_AUTHENTICATION_PATH flag (as returned by
C_GetTokenInfo) should be used to decide weather to request the PIN via
terminal or let the reader fetch the pin from pinpad.
https://bugzilla.mindrot.org/show_bug.cgi?id=2185
The patch is attached to the bug report.
2006 Jul 29
1
uniroot
Hello,
I am struggling to find the root of a exponent
function.
"uniroot" is complaining about a values at end points
not of opposite sign?
s<- sapply(1:length(w),function(i)
+ {
+
+ +
+
+
uniroot(saeqn,lower=-5000,upper=0.01036597923,l=list(t=w[i],gp=gp))$root
+ })
Error in uniroot(saeqn, lower = -5000, upper =
0.01036597923, l = list(t = w[i], :
f() values at
2020 Feb 27
2
[PATCH] Readable return codes for pkcs11 identities
Right now, if I typo my PIN for a PKCS#11 token, I get the inscrutable message:
$ ssh -I /path/to/module user at example.com
Enter PIN for 'SSH key':
C_Login failed: 160
I'd prefer to receive a more useful message:
Login to PKCS#11 token failed: Incorrect PIN
I've attached a patch that adds specific handling for three common
error cases: Incorrect PIN, PIN too long or too
2016 Nov 11
10
[Bug 2638] New: Honor PKCS#11 CKA_ALWAYS_AUTHENTICATE attribute of the private objects
https://bugzilla.mindrot.org/show_bug.cgi?id=2638
Bug ID: 2638
Summary: Honor PKCS#11 CKA_ALWAYS_AUTHENTICATE attribute of the
private objects
Product: Portable OpenSSH
Version: 7.3p1
Hardware: Other
OS: Linux
Status: NEW
Keywords: patch
Severity: enhancement
2023 Nov 19
2
[Bug 3635] New: ssh-add -s always asks for PKCS#11 PIN
https://bugzilla.mindrot.org/show_bug.cgi?id=3635
Bug ID: 3635
Summary: ssh-add -s always asks for PKCS#11 PIN
Product: Portable OpenSSH
Version: 9.0p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-add
Assignee: unassigned-bugs at
2016 Jul 25
3
ssh-pkcs11.c
Hi Alon,
I confirmed with pkcs11-tool (from OpenSC) and I can confirm that
pressing return when asked for the pin causes the login to stop (and
not to try a empty pin).
Can you confirm if a empty pin is actually a valid pin, and if not,
can the patch be accepted?
Once again, the problem is that from a user experience, *some/most*
users would expect they can skip pkcs11 token authentication just
2012 Apr 03
0
Re: Reg PV-HVM templates
Hi Karthick,
For questions like this it''s good to loop in the xen-users list as
answers may benefit others too.
In terms of how to create an ISO.. that''s not quite the intention of
these images.
SolusVM intends for you to install the OS from an ISO which it will then manage.
This is quite possible but I don''t know much about SolusVM.
What you would need to do is:
1.
2018 Feb 26
3
Outstanding PKCS#11 issues
Hello everyone,
as you could have noticed over the years, there are several bugs for
PKCS#11 improvement and integration which are slipping under the radar
for several releases, but the most painful ones are constantly updated
by community to build, work and make our lives better.
I wrote some of the patches, provided feedback to others, or offered
other help here on mailing list, but did not
2005 May 16
2
Telephony keypad
Does anybody know if there are any external telephone-keypads for sale
anywhere? (containing the keys 0-9, *, # and onhook/offhook would do)
I am looking for a keypad to control a softphone and would prefer the
controls to be in the physical world instead of as a window.
Sincerely,
Markus Hakansson
2013 Dec 16
15
[Bug 2185] New: Allow entering the PIN via reader pinpad
https://bugzilla.mindrot.org/show_bug.cgi?id=2185
Bug ID: 2185
Summary: Allow entering the PIN via reader pinpad
Product: Portable OpenSSH
Version: 6.4p1
Hardware: All
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Smartcard
Assignee: unassigned-bugs at
2015 Sep 28
33
[Bug 2474] New: Enabling ECDSA in PKCS#11 support for ssh-agent
https://bugzilla.mindrot.org/show_bug.cgi?id=2474
Bug ID: 2474
Summary: Enabling ECDSA in PKCS#11 support for ssh-agent
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-agent
Assignee: unassigned-bugs
2020 May 27
0
Announce: OpenSSH 8.3 released
OpenSSH 8.3 has just been released. It will be available from the
mirrors listed at https://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested
2016 Dec 24
30
[Bug 2652] New: PKCS11 login skipped if login required and no pin set
https://bugzilla.mindrot.org/show_bug.cgi?id=2652
Bug ID: 2652
Summary: PKCS11 login skipped if login required and no pin set
Product: Portable OpenSSH
Version: 7.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: Smartcard
Assignee:
2008 Jun 20
2
OpenSC smartcard access should use raw public keys, not X.509 certificates
A non-text attachment was scrubbed...
Name: use-public-keys-instead-of-certs-with-opensc.patch
Type: text/x-diff
Size: 5512 bytes
Desc: enable the use of raw public keys on OpenSC-supported
smartcards
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20080620/0fbcb856/attachment.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not