alon.barlev at gmail.com
Tue Jan 1 01:53:43 EST 2008
Installed OpenBSD, applied this patch (ignore all missing files)
Add pkcs11.c into lib/Makefile.
CFLAGS="-DENABLE_PKCS11" LDFLAGS="-lpkcs11-helper" make
And it compiles and seems to be running.
The problem is that I don't have a working smartcard environment on OpenBSD.
Can anyone help?
On 12/31/07, Alon Bar-Lev <alon.barlev at gmail.com> wrote:
> Thanks for Ben help I released a new version of PKCS#11 patch, available from:
> Most of the work is *BSD coding styles, I also allocated short options
> for the parameters, as I understand now that long options are not
> valid and configuration file for the agent will not be available.
> There is an agentless configuration now, mainly to be OpenSC
> compatible. This is none recommended as it loads all available keys of
> a provided into ssh, and will prompt for passphrase every time ssh is
> I hope we will be able to resolve the last issue... How the agent
> protocol can support dynamic nature of hardware cryptography... Or if
> there any other suggestions of how the expected behavior might be.
> Best Regards,
> Alon Bar-Lev.
> - (alonbl) Indent file to meet BSD styles.
> - (alonbl) Modify parameters (again) to meet BSD styles.
> I truly regret that I keep modifying the parameters, I believe
> this is not the last time, as I don't have full cooperation of
> Get provider keys:
> ssh-add --pkcs11-show-ids ...
> ssh-keygen -K provider_info
> Add key:
> ssh-add --pkcs11-add-id ...
> ssh-add -I id [session_cache [cert_file]]
> Agentless operation (not recommended, OpenSC compatibility):
> ssh -# provider_info ...
> Because I don't wish to add more switches, I added a format
> for provider information:
> For most implementations specify only the library name.
> - Rebase with openssh-4.7p1.
> - (alonbl) Release 0.20
More information about the openssh-unix-dev