Public bug reported: OpenSSH client doesn't support Eliptics Curve keys on PKCS11 smartcard
ssh-keygen -v -D /usr/lib/libeTPkcs11.so debug1: manufacturerID <SafeNet, Inc.> cryptokiVersion 2.20 libraryDescription <SafeNet eToken PKCS#11> libraryVersion 9.1 debug1: label <Evgeny Khorkin> manufacturerID <SafeNet, Inc.> model <eToken> serial <> flags 0x60d C_GetAttributeValue failed: 18 debug1: X509_get_pubkey failed or no rsa debug1: X509_get_pubkey failed or no rsa debug1: X509_get_pubkey failed or no rsa no keys cannot read public key from pkcs11 pkcs11-tool --module /usr/lib/libeTPkcs11.so -O ... Public Key Object; EC EC_POINT 256 bits EC_POINT: 04410474c5423bd0aa44b7825b3e79cd839e06736b18466b131d0884dbf8d946fbdc7f3297e73b998acf56550c303dc972a4dec51b9a3b746d3fe9fb4a44bd84b080fc EC_PARAMS: 06082a8648ce3d030107 label: TestECCpair Usage: encrypt, verify, wrap There is upstream bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2474 Suggested patch: https://bugzilla.mindrot.org/attachment.cgi?id=2728 release: Ubuntu 16.04.2 LTS openssh version: 7.2p2-4ubuntu2.1 ** Affects: openssh (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1665695 Title: OpenSSH PKCS#11 interface does not support ECC. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1665695/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
