[FC8] ssh and CAC card???
Jeff Krebs
jkrebs at tconl.com
Wed Dec 5 01:00:28 UTC 2007
* Todd Denniston (Todd.Denniston at ssa.crane.navy.mil) wrote:
> From what I understood, the change to openssh listed in:
> rpm -q --changelog openssh |less
> as:
> "* Wed Jun 20 2007 Tomas Mraz <tmraz at redhat.com> - 4.5p1-7
> - experimental NSS keys support
> - correctly setup context when empty level requested (#234951)
> "
> was supposed to allow the Common Access Card (CAC) to work with the shipped
> Fedora 8 ssh.
>
> As per NSS usual, everything is undocumented, i.e., `ssh-add --help` does
> not help at all, and `man ssh-add` points to `ssh-add -s reader`
> # ssh-add -s 0
> Enter passphrase for smartcard:
> SSH_AGENT_FAILURE
> Could not add card: 0
> # ssh-add -s 1
> Enter passphrase for smartcard:
> SSH_AGENT_FAILURE
> Could not add card: 1
>
> So does anyone know how to use the possible functionality, or are we
> reduced to reading the source?
>
> --
> Todd Denniston
> Crane Division, Naval Surface Warfare Center (NSWC Crane)
> Harnessing the Power of Technology for the Warfighter
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
There is a link:
http://www.nabble.com/ssh-and-CAC-t2483281.html
with some information.
You have the SmartCard setup working under Linux?
What reader are you using? I've tried the ActiveCard v2.0 USB to no
avail. Actually, this is known not to work, but I had to try anyway :)
I should have an Athena USB reader coming my way soon. Hopefully that
will allow use with FireFox.
Jeff Krebs
More information about the fedora-list
mailing list