[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gnupg-users
Subject:    Re: SSH authentication using OpenPGP 2.0 smartcard
From:       Patryk Cisek <patryk () debian ! org>
Date:       2011-01-27 15:01:20
Message-ID: 20110127150120.GA6230 () patryks-laptop ! softexor ! net
[Download RAW message or body]

I finally got it working.

Seems like there's some kind of problem with CCID for those readers
-- I'd used internal GnuPG's CCID driver until yesterday.

I've got 2 readers:
OmniKey CardMan 3121 (USB device)
OmniKey CardMan 4040 (PCMCIA device)

Both had the same problem; signing worked fine, but authentication
didn't.

Yesterday I tried to get them working with PCSC-Lite using
manufacturer's drivers:
http://www.hidglobal.com/driverDownloads.php?techCat=19

>From this moment both readers work perfectly. One minor issue is that
for 3121 (USB) I have to kill scdaemon several times in a row when
plugging in reader. For 4040 (PCMCIA), since no hot-plug mechanism,
additionally I have to (re)start pcscd.

Nevertheless works as expected now. :)

On Tue, Jan 25, 2011 at 08:39:28PM +0100, Werner Koch wrote:
> On Tue, 25 Jan 2011 18:39, kgo@grant-olson.net said:
> 
> > Actually, I also needed to run 'gpgkey2ssh 0xDEADBEEF >>
> > ~/.ssh/authorized_keys" so I could ssh into the box as well.
> 
> You should use
> 
>   ssh-add -L
> 
> which gives you the public key.  The comment field has the card number.
> 
> 
> Shalom-Salam,
> 
>    Werner
> 
> 
> -- 
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
> 
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]