[Bug 791747] Re: Cannot add keys from PKCS#11 provider
Jan Krajdl
791747 at bugs.launchpad.net
Tue Jun 21 14:02:22 UTC 2011
OpenSSH version: 5.8p1-1ubuntu3
OpenSC version: 0.11.13-1ubuntu5
Which other software is ubuntu using for loading ssh agent (so I can write their versions here)
Steps to reproduce:
- you have a OpenSC compatible card/token with loaded key pair (pkcs15-tool -D prints information about private and public RSA key)
- type into terminal after login: ssh-add -s /usr/lib/opensc-pkcs11.so
- next type PIN for the security card/token
- you probably see error: SSH_AGENT_FAILURE
- now run new ssh agent (type into terminal ssh-agent and output copy to the terminal too) and repeat steps in this terminal - after typing PIN you get message "Card added: /usr/lib/opensc-pkcs11.so" and ssh-agent now knows key on the card/token - this is correct behaviour
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/791747
Title:
Cannot add keys from PKCS#11 provider
Status in “openssh” package in Ubuntu:
Incomplete
Bug description:
it's not possible to add keys from security devices with ssh-agent which is running from Ubuntu session. I'm trying to use authentication with Rainbow iKey 3000 token with OpenSC. When I after login type into terminal this:
ssh-add -s /usr/lib/opensc-pkcs11.so
and after that I type PIN to the token, I get:
SSH_AGENT_FAILURE
Could not add card: /usr/lib/opensc-pkcs11.so
When I run new ssh-agent in terminal, set env variables, this command
works OK - load keys from the token and I'm able to authenticate with
keys in them. So whole openssh agent is working OK but I think that
there is somewhere bug when Ubuntu running this agent after login.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/791747/+subscriptions
More information about the foundations-bugs
mailing list