SSH authentication using OpenPGP 2.0 smartcard
Patryk Cisek
patryk at debian.org
Thu Jan 27 16:01:20 CET 2011
I finally got it working.
Seems like there's some kind of problem with CCID for those readers
-- I'd used internal GnuPG's CCID driver until yesterday.
I've got 2 readers:
OmniKey CardMan 3121 (USB device)
OmniKey CardMan 4040 (PCMCIA device)
Both had the same problem; signing worked fine, but authentication
didn't.
Yesterday I tried to get them working with PCSC-Lite using
manufacturer's drivers:
http://www.hidglobal.com/driverDownloads.php?techCat=19
>From this moment both readers work perfectly. One minor issue is that
for 3121 (USB) I have to kill scdaemon several times in a row when
plugging in reader. For 4040 (PCMCIA), since no hot-plug mechanism,
additionally I have to (re)start pcscd.
Nevertheless works as expected now. :)
On Tue, Jan 25, 2011 at 08:39:28PM +0100, Werner Koch wrote:
> On Tue, 25 Jan 2011 18:39, kgo at grant-olson.net said:
>
> > Actually, I also needed to run 'gpgkey2ssh 0xDEADBEEF >>
> > ~/.ssh/authorized_keys" so I could ssh into the box as well.
>
> You should use
>
> ssh-add -L
>
> which gives you the public key. The comment field has the card number.
>
>
> Shalom-Salam,
>
> Werner
>
>
> --
> Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
More information about the Gnupg-users
mailing list