Georg C. F. Greve wrote: > * Remote SSH logins with crypto card authentication > > Problem two was to do remote logins via SSH with authentication > through the smart card. There was a problem with the gpg-agent that > did not do PIN caching, and thus was somewhat annoying to use in real > life. Werner just addressed this problem, and now it works rather > flawlessly. > > The gpg-agent replaces the ssh-agent for authentication, and it is > possible to do remote securely authenticated OpenSSH logins. You can > find information here: > > > http://www.fsfe.org/fellows/greve/freedom_bits/authenticating_ssh_logins_with_the_fellowship_crypto_card >
Are you aware of the PKCS#11 for OpenSSH solution (http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=113977188917865&w=2)? PKCS#11 is a standard interface to access cryptographic tokens, the OpenSSH patch support the use of any PKCS#11 provider with OpenSSH. I just hope that someday OpenPGP card will also have PKCS#11 provider, so it can be used by other applications, and the other way around... gpg will use PKCS#11 providers in order to support many card types. Best Regards, Alon Bar-Lev. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
