OpenSSH and Smartcard
Boris von Alten Blaskowitz
borisvab at gmx.de
Sat Apr 2 23:47:50 EST 2005
Hi,
I am not sure if this the right place for the question. Sorry if not ...
My System:
SuSE 9.2
OpenSSH 3.9p1
I have trouble to use a Smartcard with openssh. If i try to connect
directly to the Smartcard, it fails:
ssh -I 0:45 localhost
card-etoken.c:175:etoken_check_sw: required access right not granted
card-etoken.c:631:do_compute_signature: returning with: Security status
not satisfied card-etoken.c:175:etoken_check_sw: required access right
not granted card-etoken.c:631:do_compute_signature: returning with:
Security status not satisfied card-etoken.c:175:etoken_check_sw:
required access right not granted
card-etoken.c:631:do_compute_signature: returning with: Security status
not satisfied sec.c:53:sc_compute_signature: returning with: Security
status not satisfied pkcs15-sec.c:285:sc_pkcs15_compute_signature:
sc_compute_signature() failed: Security status not satisfied
sc_pkcs15_compute_signature() failed: Security status not satisfied
ssh_rsa_sign: RSA_sign failed: error:00000000:lib(0):func(0):reason(0)
This is happen because openssh never prompt for the pin.
If I use the openssh-agent and ssh-add everything works well.
ssh-add -s 0
ssh localhost
:) --> Have a lot of fun
The question now:
Does Smartcards only work, if I use the ssh-agent or should the "ssh -I
0:45 localhost" command also work????
Thanks for help
Boris
More information about the openssh-unix-dev
mailing list