(Was: Re-adding PKCS#11 key in ssh-agent produces "agent refused operation" error.)
Jakub Jelen
jjelen at redhat.com
Mon Apr 27 19:50:55 AEST 2020
On Sat, 2020-04-04 at 16:19 -0700, Jacob Hoffman-Andrews wrote:
> On Mon, Feb 24, 2020 at 2:29 AM Jakub Jelen <jjelen at redhat.com>
> wrote:
> > I tried to address transparent smart card/yubikey removal in the
> > OpenSSH before [1], but it still had some issues inside of OpenSC
> > [2]
> > that should be hopefully addressed by this time (though some more
> > referenced by previous mail might still be present).
> >
> > [1] https://bugzilla.mindrot.org/show_bug.cgi?id=2890
> > [2] https://github.com/OpenSC/OpenSC/issues/1822
>
> An update on these: I've rebased the patch in [1] and tested with the
> latest
> OpenSC. It works great. Is there anything else I can contribute
> towards
> merging that patch?
Darren, Damien,
what would it take to consider the following patch to be included in
openssh? I believe this is the only painful issue of using smart cards
with ssh-agent and why many people still rather use the gpg-agent,
which handles this use case correctly.
Best Regards,
--
Jakub Jelen
Senior Software Engineer
Security Technologies
Red Hat, Inc.
More information about the openssh-unix-dev
mailing list