Re: using an ikey3000 as keystore for openssh

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: using an ikey3000 as keystore for openssh

Torgeir Veimo
On Sun, 2005-05-22 at 19:04 +0200, Andreas Jellinghaus wrote:

> On Sunday 22 May 2005 14:53, Torgeir Veimo wrote:
> > I'm looking for information about how to use an ikey3000 as a private
> > key keystore for openssh. I've installed opensc-0.9.6-2 and
> > openct-0.6.5-2 on a modified fc4test3 system;
>
> so far we don't have code to:
>  - store a ssh key on a card
>  - openssh smartcard code needs certificates, a key alone is not enough.
>
> so you can create a new rsa key on your card, create a self signed
> certificate, store that certificate on the card, download the public
> key in openssh format and use the card with openssh.
>
> the QUICKSTART file in opensc should have all the information you need.

Thanx! Have gotten a bit more into my head how it's supposed to work
now, but unfortunately, openssh-4.0p1 as default in fc4test3 doesn't
come comfigured with --with-sectok so I guess I need to install from
source..

[torgeir@africa openssh-4.0p1]$ ssh -I 1 mail.hmm.com
no support for smartcards.

--
Torgeir Veimo <[hidden email]>

_______________________________________________
opensc-user mailing list
[hidden email]
http://www.opensc.org/cgi-bin/mailman/listinfo/opensc-user
Reply | Threaded
Open this post in threaded view
|

Re: using an ikey3000 as keystore for openssh

Andreas Jellinghaus-2
On Tuesday 24 May 2005 01:59, Torgeir Veimo wrote:
> Thanx! Have gotten a bit more into my head how it's supposed to work
> now, but unfortunately, openssh-4.0p1 as default in fc4test3 doesn't
> come comfigured with --with-sectok so I guess I need to install from
> source..

I have no idea what --with-sectok does, but the right configure flag
is --with-opensc.

Regards, Andreas
_______________________________________________
opensc-user mailing list
[hidden email]
http://www.opensc.org/cgi-bin/mailman/listinfo/opensc-user