Hi there, > there are two projects supporting smartcard use in openssh (that i'm > aware of): muscle (www.linuxnet.com) and citi > (www.citi.umich.edu/projects/smartcard). the citi code is included > in openssh 3.0.2p1 (didn't check older versions). > > the muscle code uses the RSA meth attribute. > take a look at openssl/rsa.h: > ...
[snip] > however the citi code included in openssh requires the engine version > of openssl with such an openssl/rsa.h: > ... [snip] > so, if anyone has a nice idea, how i can use try both at the same time, > without haveing to openssl versions, this would be nice. The 0.9.7 development tree has merged in the 'engine' functionality and has improved it in a number of ways - so whatever either of these projects is doing will presumably unify on the next openssl release. (touch wood). In the mean time - the code that is based simply on providing an RSA_METHOD could be encapsulated in an ENGINE. If you take a look at any of the engine implementations in the 0.9.6-engine (including the 'citi' code I assume) you'll notice that it implements an RSA_METHOD that is encapsulated in a wrapper ENGINE. If you feel bold enough to do so, try wrapping the 'muscle' RSA_METHOD in an ENGINE too and you should be able to get it up an running in the 'engine' version of openssl - ie. side-by-side with the 'citi' implementation. Otherwise you could ask the muscle project if they are moving their implementation to the 'engine' API. One of us might also take a peek at some point (thanks for the URLs) but I can't guarantee when. Cheers, Geoff ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
