[Bug 1371] Add PKCS#11 (Smartcards) support into OpenSSH
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Wed Jun 18 15:34:53 EST 2008
https://bugzilla.mindrot.org/show_bug.cgi?id=1371
--- Comment #43 from Damien Miller <djm at mindrot.org> 2008-06-18 15:34:50 ---
Ok, supporting multiple agents is easy and I will try to get this done
by the next release.
Providing a support library for external agents is a little more
tricky, but I think this can be accomplished relatively soon. The first
steps are:
1. Documenting the agent protocol
2. Implementing a library for working with the ssh wire protocol and
cryptographic primitives
3. Writing a skeleton agent that implements most of the agent protocol
I had already planned to do #1 as part of my effort to document all
that is undocumented in OpenSSH's implementation of the SSH protocols.
I have most of #2 done already (as part of a wider project), but it
still needs some work (in particular it doesn't support SSH1). #3 is
as-yet unstarted, but the agent is a simple program so it wouldn't take
too long once #2 is finished.
I disagree that agent-only configurations are useless. The agent can
communicate via X11 or other means; I think perhaps people are looking
at the limited nature of the existing SSH_ASKPASS and thinking that it
is all that is possible. Your ncurses UI is a great idea too.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list