AW: AW: OpenSSH 6.3p1 Smartcard-Support
Damien Miller
djm at mindrot.org
Thu Dec 12 08:53:52 EST 2013
On Wed, 11 Dec 2013, Benjamin Fras wrote:
>
> Hi,
> This is the output of the pkcs11-tool using the safenet-lib
> pkcs11-tool --module /usr/lib/libeToken.so -O
> Using slot 0 with a present token (0x0)
> Certificate Object, type = X.509 cert
> label: 411ef289-88cf-4f38-89b1-5e8691f6cb8a
> ID: 1f67fd84c675af27
> Certificate Object, type = X.509 cert
> label: {E670E946-633C-4956-83B0-5EB67A3A5EAE}
> ID: e93a991dca5b2939
This is the problem - the released versions only handle plain keys. E.g.
[djm at demiurge ~]$ pkcs11-tool --module /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so -O
Using slot 2 with a present token (0x5)
Public Key Object; RSA 2048 bits
label: Private Key
ID: 71c719db35ffd0f8087710e57722a3d82f630e58
Usage: encrypt, verify, wrap
Certificate Object, type = X.509 cert
label: Certificate
ID: 71c719db35ffd0f8087710e57722a3d82f630e58
Markus added support for extracting a public key from a certificate only
recently.
-d
More information about the openssh-unix-dev
mailing list