https://bugzilla.mindrot.org/show_bug.cgi?id=2638
--- Comment #5 from Jakub Jelen <[email protected]> --- Unfortunately ... but you can try that with your yubikey and with OpenSC if you load the private key in the "SIGN KEY" slot 9c [0]. Note, that after [1] being merged in OpenSC last year, the trick with only single login does not work anymore so in the proposed patch, we should drop the did_login variable, otherwise it will not work (at least with OpenSC pkcs11 module). Therefore, in the single-shot connection, the pin is asked twice, which is unfortunate, but probably closest to the PIV specification. One note for the code style: + struct pkcs11_slotinfo *si; + CK_FUNCTION_LIST *f; + CK_BBOOL flag = 0; + CK_ATTRIBUTE attr; + CK_RV rv; ^-- misaligned indentation (missing space in flag, attr) [0] https://developers.yubico.com/PIV/Introduction/Certificate_slots.html [1] https://github.com/OpenSC/OpenSC/pull/1256 -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
