hatter/yubikey
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
5dadc5642cc6eb4a091601ea5c2171126d47bfb8
yubikey/pkcs11-ssh.md
Hatter Jiang 11ea448cac Update 'pkcs11-ssh.md'
2024-08-18 15:02:19 +08:00

34 lines
960 B
Markdown
Raw Blame History

> OpenSC Official Repo: https://github.com/OpenSC/OpenSC <br>
> PKCS#11 libraries:
> - `/Library/OpenSC/lib/opensc-pkcs11.so`
> - `/usr/local/lib/libykcs11.dylib`
OpenSSH can work with PKCS#11:
```shell
ssh-keygen -D /Library/OpenSC/lib/opensc-pkcs11.so
ssh -I /Library/OpenSC/lib/opensc-pkcs11.so root@example.com
```
Config `~/.ssh/config` also works:
```plain
PKCS11Provider /Library/OpenSC/lib/opensc-pkcs11.so
```
<br>
OpenSSH with PKCS#11 aliases:
```
alias ssh-keygeni='ssh-keygen -D /Library/OpenSC/lib/opensc-pkcs11.so'
alias sshi='ssh -I /Library/OpenSC/lib/opensc-pkcs11.so'
alias sshif='ssh -o "ForwardAgent yes" -I /Library/OpenSC/lib/opensc-pkcs11.so'
alias scpi='scp -o "PKCS11Provider /Library/OpenSC/lib/opensc-pkcs11.so"'
```
<br>
# Reference
1. https://github.com/tpm2-software/tpm2-pkcs11/blob/master/docs/SSH.md
1. https://github.com/ThomasHabets/simple-tpm-pk11
1. https://ubuntu.com/server/docs/smart-card-authentication-with-ssh
Reference in New Issue View Git Blame Copy Permalink