Control: tag -1 wishlist Control: forwarded -1 https://bugzilla.mindrot.org/show_bug.cgi?id=2817
On Wed, Oct 24, 2018 at 03:29:32PM +0300, Karen Arutyunov wrote: > When I specify PKCS#11 URL as a key file for ssh-add, it fails: > > $ ssh-agent -s >~/ssh-agent.env > $ source ~/ssh-agent.env > Agent pid 579 > $ ssh-add "pkcs11:token=auth;object=PIV%20AUTH%20pubkey" > pkcs11:token=auth;object=PIV%20AUTH%20pubkey: No such file or directory > > I would expect it to work as on Fedora: It looks like support for this is only in a (rather large) Fedora-specific patch: https://src.fedoraproject.org/cgit/rpms/openssh.git/tree/openssh-7.6p1-pkcs11-uri.patch I don't understand this well enough to incorporate it, especially as it would be larger than any of the individual patches we're currently carrying (even larger than the GSSAPI key exchange patch, which is already a significant maintenance headache). The author of this patch set sent it upstream here: https://bugzilla.mindrot.org/show_bug.cgi?id=2817 I'd very much rather wait for it to be accepted there. Thanks, -- Colin Watson [[email protected]]
