bits | andy smith's blog » pkcs http://andys.org.uk/bits random stuff from the mind of a twenty-something professional geek Mon, 16 Apr 2012 00:39:54 +0000 en hourly 1 http://wordpress.org/?v=3.3.2 OpenSSH and OpenSC for Debian and Ubuntu http://andys.org.uk/bits/2009/12/23/openssh-and-opensc-for-debian-and-ubuntu/ http://andys.org.uk/bits/2009/12/23/openssh-and-opensc-for-debian-and-ubuntu/#comments Wed, 23 Dec 2009 02:27:04 +0000 Andy Smith http://andys.org.uk/bits/?p=8 I’m using OpenSC at the moment so that I can repurpose an otherwise unused Aladdin eToken to hold SSH keys. I could go through the process involved in setting up the token, but as this chap has already done a thorough job, I won’t go into detail.

Unfortunately, the openssh-client package from Debian (and Ubuntu) doesn’t enable OpenSC support. It’s trivial to rebuild the package with OpenSC support, but for those who don’t want to or can’t for some reason, I’ve put my rebuilt, OpenSC-enabled packages here.

Once installed, if your token is set up correctly, you should be able to get your SSH public key from the card with:-

ssh-keygen -D <card>

…which should give you something like:-

ssh-rsa AAAA .. .. .. t8/Q==
1024 65537 14233 .. .. .. 70941

You can then add your private key to a running SSH agent with:-

ssh-add -s <card>

Pop in your PIN, and ssh should function as if you were using a normally-generated key.

]]> http://andys.org.uk/bits/2009/12/23/openssh-and-opensc-for-debian-and-ubuntu/feed/ 1