[Bug 2890] New: ssh-agent should not fail after removing and inserting smart card

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Tue Jul 31 21:44:26 AEST 2018


https://bugzilla.mindrot.org/show_bug.cgi?id=2890

            Bug ID: 2890
           Summary: ssh-agent should not fail after removing and inserting
                    smart card
           Product: Portable OpenSSH
           Version: 7.7p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh-agent
          Assignee: unassigned-bugs at mindrot.org
          Reporter: jjelen at redhat.com

The support for PKCS#11 in ssh-agent is limited to the smart cards that
are not removed from the computer. Once removed and reinserted one
needs to do the same also with the agent:

  ssh-add -e /usr/lib64/opensc-pkcs11.so
  ssh-add -s /usr/lib64/opensc-pkcs11.so

The ssh-agent interface is limited so there is no way to request the
re-authentication from user, but it would be nice if this would happen
automatically, if the agent fails to provide ssh-signature from the
card.

I might have some better look into this issue later.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list