https://bugzilla.mindrot.org/show_bug.cgi?id=2429
Bug ID: 2429
Summary: ssh-keygen ignores keys that have CKA_ID == 0
Product: Portable OpenSSH
Version: 6.9p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Smartcard
Assignee: [email protected]
Reporter: [email protected]
Created attachment 2670
--> https://bugzilla.mindrot.org/attachment.cgi?id=2670&action=edit
Do not require to return ID from token
Based on our investigation of Smart Cart usability with openSSH we
found several minor problems that were filled in our red hat bugzilla
[1]. The another is problem again with softHSM. It is returning empty
ID, which is not handled by keygen correctly.
The length check was added based on the bug #1773. It is fine to skip
certificates that have empty values. But requiring non-empty ID is not
preferred way because:
* the ID is not used anywhere in ssh-keygen
* some tokens do not provide ID
The example is again softHSM2 token, which returns ID length of zero
and in current ssh-keygen is silently ignored.
This token has also the need to login, before even public key can be
accessed (not rare example), but it will be described in other report,
since it will require more changes.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1241873
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
