ssh no pin authentication

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

ssh no pin authentication

Onno J. van der Heijden
Hi,

I was trying to have ssh without having to put the smartcard pin in such that i can type:

ssh -I 0 host

And login will go on from there without asking for the pin.

I tried to do this by putting my private, and certificate on with the option --insecure in pkcs15-init.

However, when doing ssh -I 0 host i get:

iso7816.c:98:iso7816_check_sw: Security status not satisfied
card-flex.c:1026:cryptoflex_compute_signature: Card returned error: Security status not satisfied
sec.c:53:sc_compute_signature: returning with: Security status not satisfied
pkcs15-sec.c:331:sc_pkcs15_compute_signature: sc_compute_signature() failed: Security status not satisfied
sc_pkcs15_compute_signature() failed: Security status not satisfied
ssh_rsa_sign: RSA_sign failed: error:00000000:lib(0):func(0):reason(0)
Permission denied (publickey).

Is there anyway to do what I am trying to do?

Thanks

OJ
_______________________________________________
opensc-user mailing list
[hidden email]
http://www.opensc.org/cgi-bin/mailman/listinfo/opensc-user
Reply | Threaded
Open this post in threaded view
|

Re: ssh no pin authentication

Jan Schermer
You can use ssh-agent to add the identity (protected by PIN), thus  
only having to enter it once. I have been using this for quite a long  
time without a problem.
I have not tried disabling PIN completely though.

Jan

On 12.1.2006, at 18:50, Onno J. van der Heijden wrote:

Hi,

I was trying to have ssh without having to put the smartcard pin in  
such that i can type:

ssh -I 0 host

And login will go on from there without asking for the pin.

I tried to do this by putting my private, and certificate on with the  
option --insecure in pkcs15-init.

However, when doing ssh -I 0 host i get:

iso7816.c:98:iso7816_check_sw: Security status not satisfied
card-flex.c:1026:cryptoflex_compute_signature: Card returned error:  
Security status not satisfied
sec.c:53:sc_compute_signature: returning with: Security status not  
satisfied
pkcs15-sec.c:331:sc_pkcs15_compute_signature: sc_compute_signature()  
failed: Security status not satisfied
sc_pkcs15_compute_signature() failed: Security status not satisfied
ssh_rsa_sign: RSA_sign failed: error:00000000:lib(0):func(0):reason(0)
Permission denied (publickey).

Is there anyway to do what I am trying to do?

Thanks

OJ
_______________________________________________
opensc-user mailing list
[hidden email]
http://www.opensc.org/cgi-bin/mailman/listinfo/opensc-user


_______________________________________________
opensc-user mailing list
[hidden email]
http://www.opensc.org/cgi-bin/mailman/listinfo/opensc-user

smime.p7s (2K) Download Attachment