[Bug 2075] New: [PATCH] Enable key pair generation on a PCKS#11 device
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Thu Mar 7 06:01:29 EST 2013
https://bugzilla.mindrot.org/show_bug.cgi?id=2075
Bug ID: 2075
Summary: [PATCH] Enable key pair generation on a PCKS#11 device
Classification: Unclassified
Product: Portable OpenSSH
Version: -current
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-keygen
Assignee: unassigned-bugs at mindrot.org
Reporter: rmcilroy at google.com
Created attachment 2225
--> https://bugzilla.mindrot.org/attachment.cgi?id=2225&action=edit
Pkcs11 key-pair generation patch
This patch enables ssh-keygen to generate an RSA public/private key
pair on a PKCS#11 device (such as a TPM). Once the keys have been
created on the PKCS#11 device, the public identity file is created as
normal, but a new private key format is introduced to signal that the
key needs to be loaded from an external device.
My plan is to augment this pkcs11 private key identity file format to
enable automatic loading of the external key (e.g., without setting
PKCS11Provider or using the -I option), but I wanted to run this by
people first.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list