Public key for OpenSSH

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Public key for OpenSSH

Erik Schick
Hello,

how can i generate an output file from a public key on a card compatible
or importable OpenSSH?

Greetings

------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: Public key for OpenSSH

Douglas E Engert


On 7/4/2014 10:13 AM, Erik Schick wrote:
> Hello,
>
> how can i generate an output file from a public key on a card compatible
> or importable OpenSSH?

pkcs15-tool --read-ssh-key $ID

>
> Greetings
>
> ------------------------------------------------------------------------------
> Open source business process management suite built on Java and Eclipse
> Turn processes into business applications with Bonita BPM Community Edition
> Quickly connect people, data, and systems into organized workflows
> Winner of BOSSIE, CODIE, OW2 and Gartner awards
> http://p.sf.net/sfu/Bonitasoft
> _______________________________________________
> Opensc-devel mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/opensc-devel
>

--

  Douglas E. Engert  <[hidden email]>


------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: Public key for OpenSSH

Douglas E Engert
(See additions below)

On 7/7/2014 5:43 AM, Erik Schick wrote:

> Command doesn't seem to work.
>
> pkcs15-tool --read-ssh-key 7 -> nothing happen
>
>
> pkcs15-tool --read-ssh-key 7 --output -> 0 Byte file
>
> Here the trace output for the last command.
>
> http://pastebin.com/MhAE9PXz


If I read this correctly, you have an ECC key, using curve:brainpoolP320r1

It is not clear if OpenSSH will support the brainpoolP320r1.
It may, but It is not one of the recommended curves. See:

   http://tools.ietf.org/html/rfc5656#section-10


The pkcs15-tool with the --read-ssh=key option only supports RSA and DSA.

So you may need to try something like:

pkcs15-tool --read-public-key 01 -o /tmp/pubkey.pem
ssh-keygen -i -m pKCS8 -f /tmp/pubkey.pem

When run on NIST demo card 4 using the PIV Authentication certificate public key,
/tmp/pubkey.pem has:

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnb1nAmYPPjkCrcOvBwqF6vDnR4uN
iAwcB6JQaKik6i5ZKAezuY/ip3rBcqtEi+fYl/sNXpwUtfN4EIcMH7BYzA==
-----END PUBLIC KEY-----

and ssh-keygen outputs:
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJ29ZwJmDz45Aq3DrwcKherw50eLjYgMHAeiUGiopOouWSgHs7mP4qd6wXKrRIvn2Jf7DV6cFLXzeBCHDB+wWMw=




>
>
> Am 05.07.2014 04:55, schrieb Douglas E Engert:
>>
>> On 7/4/2014 10:13 AM, Erik Schick wrote:
>>> Hello,
>>>
>>> how can i generate an output file from a public key on a card compatible
>>> or importable OpenSSH?
>> pkcs15-tool --read-ssh-key $ID
>>
>>> Greetings
>>>
>>> ------------------------------------------------------------------------------
>>> Open source business process management suite built on Java and Eclipse
>>> Turn processes into business applications with Bonita BPM Community Edition
>>> Quickly connect people, data, and systems into organized workflows
>>> Winner of BOSSIE, CODIE, OW2 and Gartner awards
>>> http://p.sf.net/sfu/Bonitasoft
>>> _______________________________________________
>>> Opensc-devel mailing list
>>> [hidden email]
>>> https://lists.sourceforge.net/lists/listinfo/opensc-devel
>>>
>
>

--

  Douglas E. Engert  <[hidden email]>


------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel