Re: Call for testing: OpenSSH 8.0

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Fri, 5 Apr 2019, Jakub Jelen wrote:

> There is also changed semantics of the ssh-keygen when listing keys
> from PKCS#11 modules. In the past, it was not needed to enter a PIN for
> this, but now.
> 
> At least, it is not consistent with a comment in the function
> pkcs11_open_session(), which says
> 
>  727  * if pin == NULL we delay login until key use
> 
> Being logged in before listing keys prevents bug #2430, but as a side
> effect, even the ssh can not list keys before login and if the
> configuration contains a PKCS#11 module, the user is always prompted
> for a PIN, which is not very user friendly.
> 
> I see this is a regression and the bug #2430 should get solved as
> proposed in the patches (will need some tweaks after the big
> refactoring).

We'll take a look at this (and the other things you just reported)
after the release is done.

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux