Am 2015-07-19 um 08:31 schrieb Stefan G. Weichinger: > Thanks. Ok, didn't yet know about that piv-tool, will build it later > this day and try it. > > The instructions there seem to be simply taken from the yubico website: > > https://developers.yubico.com/yubico-piv-tool/SSH_with_PIV_and_PKCS11.html
tldr: works ;) longer: got it working, yes ... caching the PIN with keychain did not work for me so far, but I was able to generate, rollout and use a PIV-based ssh-key on a few machines. great my todo: I roll all that into my ansible playbook which provisions my (desktop) machines so that all the fuzzing around is replayable and in turn also documented somehow. thanks so far, Stefan
