[Bug 589] scard-opensc.c: load only those keys for which there's a private key

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Jun 5 19:02:51 EST 2003


http://bugzilla.mindrot.org/show_bug.cgi?id=589

           Summary: scard-opensc.c: load only those keys for which there's a
                    private key
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: Smartcard
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: larsch at trustcenter.de


sc_get_keys loads the public keys from every certificate stored
on the smartcard. Therefore public keys of CA certificate (or other
certs for which there's no corresponding private key on the smartcard)
are loaded into the ssh-agent. This has (at least) two drawbacks:
a) loading certificates from a smartcard is slow and
b) the useless public keys might confuse the user (which keys of the
   'ssh-add -L' output are actually usable in .ssh/authorized_keys).

Regards,
Nils



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list