[Bug 2635] Unable to use SSH Agent and user level PKCS11Provider configuration directive
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Sat Sep 23 04:24:49 AEST 2017
https://bugzilla.mindrot.org/show_bug.cgi?id=2635
Marc 'Zugschlus' Haber <mh+openssh-bugzilla at zugschlus.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mh+openssh-bugzilla at zugschl
| |us.de
--- Comment #6 from Marc 'Zugschlus' Haber <mh+openssh-bugzilla at zugschlus.de> ---
I have exactly the same issue, on Debian unstable, using OpenSSH 7.5p1
from the Debian packages, and a yubikey 4 Nano. My ssh -vvvv output is
the same as Jamin's.
I can provide additional information:
(1) My second Yubikey, a Yubikey Neo, works fine even with the agent
loaded and the PKCS11Provider option in the config.
(2) When using the agent without the PKCS11Provider option, the ssh
-vvv output is the identical same until:
debug3: sign_and_send_pubkey: RSA <deleted>
sign_and_send_pubkey: signing failed: agent refused operation
debug1: Offering RSA public key:
/usr/lib/x86_64-linux-gnu/opensc-pkcs11.so
On the working client, things are:
debug3: sign_and_send_pubkey: RSA <same-deleted-as-above>
debug3: send packet: type 50
debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
Authenticated to localhost ([127.0.0.1]:10022).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list