http://bugzilla.mindrot.org/show_bug.cgi?id=589
Summary: scard-opensc.c: load only those keys for which there's a
private key
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: Smartcard
AssignedTo: openssh-bugs@mindrot.org
ReportedBy: larsch@trustcenter.de
sc_get_keys loads the public keys from every certificate stored
on the smartcard. Therefore public keys of CA certificate (or other
certs for which there's no corresponding private key on the smartcard)
are loaded into the ssh-agent. This has (at least) two drawbacks:
a) loading certificates from a smartcard is slow and
b) the useless public keys might confuse the user (which keys of the
'ssh-add -L' output are actually usable in .ssh/authorized_keys).
Regards,
Nils
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
Summary: scard-opensc.c: load only those keys for which there's a
private key
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: Smartcard
AssignedTo: openssh-bugs@mindrot.org
ReportedBy: larsch@trustcenter.de
sc_get_keys loads the public keys from every certificate stored
on the smartcard. Therefore public keys of CA certificate (or other
certs for which there's no corresponding private key on the smartcard)
are loaded into the ssh-agent. This has (at least) two drawbacks:
a) loading certificates from a smartcard is slow and
b) the useless public keys might confuse the user (which keys of the
'ssh-add -L' output are actually usable in .ssh/authorized_keys).
Regards,
Nils
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.