[EMAIL PROTECTED] wrote:
>
> is the openssh-ce in the muscleframework the newer one,
> or the one on the smartsign webpage ?
The one from SmartSign webpage is the original one and was
compiled with the first release of Muscle Card Edge API.
This version is preconfigured for using 1 single PIN on the
card for key generation/rewrite/use (PIN n.0). This was
done to make people play with it in the easiest way.
The one from MuscleFramework should be compatible with latest
Muscle Card Framework (including header renames...) and uses
(more correctly) 2 different PINs: n.0 ("transport pin") for
key generation/rewrite, PIN n.1 for key usage. David told me
all of this but I still didn't check by myself if everything
is ok.
> could not get openssh-ce working due to openssl issues
> (discussed in some other email).
I agree that openssl-engine is a good starting point instead
of having the RSA METHOD stuff. Eventually future releases
of OpenSSH-CE will adopt the engine paradigm. But before
wasting time on this, I want to be sure that it is possible
to integrate the Muscle Card Edge support into OpenSSH in
a modular way (as it was NOT the case for OpenSSH-2.9p2).
As far as I know, in the 3.x release, they used some
openssl-engine features, so maybe integration is modularizable.
Hope this helps, regards,
Tommaso.
--
/------------------------------------------------\
| Dr. Tommaso Cucinotta <[EMAIL PROTECTED]> |
+------------------------------------------------+
| Scuola Superiore di Studi Universitari |
| e Perfezionamento S.Anna |
| Pisa Italy |
\------------------------------------------------/
***************************************************************
Unix Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/
To unsubscribe send an email to [EMAIL PROTECTED] with
unsubscribe sclinux
***************************************************************
