[prev in list] [next in list] [prev in thread] [next in thread]
List: openssh-unix-dev
Subject: Re: OpenSC smartcard access should use raw public keys,
From: "Alon Bar-Lev" <alon.barlev () gmail ! com>
Date: 2008-08-02 5:13:54
Message-ID: 9e0cf0bf0808012213u4c171d9dwf45eda68b1e65ec3 () mail ! gmail ! com
[Download RAW message or body]
On 8/2/08, Peter Stuge <stuge-openssh-unix-dev@cdy.org> wrote:
> On Fri, Aug 01, 2008 at 06:16:01PM +0300, Alon Bar-Lev wrote:
> > > how do you propose for OpenSSH to be able to make use of both keys?
> >
> > Oh... you truly got a problem.... I understand why you discuss this
> > now... I would recommend choosing a different smartcard.
>
>
> The problem is that this is a reality even for Cryptoflex eGate
> users. Since it used to be the gold standard OpenSC card I would
> appreciate a good solution for it. Granted, it has been unavailable
> for a while, but I expect many to still have them in use.
Maybe a better solution is to implement on disk storage for public
objects which will be available as if they were on token?
This will allow the users to use their token with other
applications... We discuss here OpenSSH, but please keep in mind that
it is only one application with not-so-good smartcard support
built-in.
Users would like to use Firefox, OpenVPN, PSI and other software. All
require a certificate on token.
Alon.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic