AW: AW: OpenSSH 6.3p1 Smartcard-Support
Benjamin Fras
benjaminfras at netbens.de
Thu Dec 12 01:20:27 EST 2013
Hi,
This is the output of the pkcs11-tool using the safenet-lib
pkcs11-tool --module /usr/lib/libeToken.so -O
Using slot 0 with a present token (0x0)
Certificate Object, type = X.509 cert
label: 411ef289-88cf-4f38-89b1-5e8691f6cb8a
ID: 1f67fd84c675af27
Certificate Object, type = X.509 cert
label: {E670E946-633C-4956-83B0-5EB67A3A5EAE}
ID: e93a991dca5b2939
-----Ursprüngliche Nachricht-----
> Von:Damien Miller <djm at mindrot.org <mailto:djm at mindrot.org> >
> Gesendet: Mit 11 Dezember 2013 12:48
> An: Benjamin Fras <benjaminfras at netbens.de <mailto:benjaminfras at netbens.de> >
> CC: openssh-unix-dev at mindrot.org <mailto:openssh-unix-dev at mindrot.org>
> Betreff: Re: AW: OpenSSH 6.3p1 Smartcard-Support
>
> On Wed, 11 Dec 2013, Benjamin Fras wrote:
>
> >
> > Hi,
> > thanks for your reply. Please find attached the debug trace of the openssh-c
> > lient:
> > ssh -I /usr/lib/libeToken.so -p 222 10.0.0.41 -vvv
> > OpenSSH_6.4, OpenSSL 1.0.1c 10 May 2012
> > debug1: Reading configuration data /usr/local/etc/ssh_config
> > debug2: ssh_connect: needpriv 0
> > debug1: Connecting to 10.0.0.41 [10.0.0.41] port 222.
> > debug1: Connection established.
> > debug1: manufacturerID <SafeNet, Inc.> cryptokiVersion 2.20 libraryDescripti
> > on <SafeNet eToken PKCS#11> libraryVersion 8.3
> > debug1: label <eToken> manufacturerID <SafeNet, Inc.> model <eToken> serial
> > <0052787c> flags 0x60d
> > no keys
>
> ˆˆˆˆ The PKCS#11 library is being loaded and initialised, but isn't
> returning any keys to OpenSSH.
>
> Can you use something like opensc's pkcs11-tool to list the objects
> on your card? I.e. pkcs11-tool --module /path/to/pkcs11.so -O
>
> -d
>
>
More information about the openssh-unix-dev
mailing list