Re: Why still no PKCS#11 ECC key support in OpenSSH ?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Wasn't there a proposal at one time to create something like AuthorizedKeysCommand for PKSC11 and other methods that required more complex backend processed so it could be externalized and OpenSSH could be simplified?

Ben

Damien Miller wrote:
On Mon, 13 Aug 2018, Blumenthal, Uri - 0553 - MITLL wrote:

Lack of time on the Open Source projects is understandable, and not uncommon.

However, PKCS11 has been in the codebase practically forever - the ECC
patches that I saw did not alter the API or such. It is especially
non-invasive when digital signature is concerned.

Considering how long those patches have been sitting in the queue, and
the continued interest among the users - perhaps you can prioritize
the integration?

If someone can recommend hardware and some instructions on how to
set it up that will only improve the changes of this happening sooner.

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux