teps for your OpenSSH pleasure:
- Download, compile and install openssl (http://www.openssl.org)
- Download OpenSSH 3.0.2p1 (http://www.openssh.com)
- Apply 'openssh-3.0.2p1-patch.diff' from this directory
- Run autoconf and autoheader
- Run configure with the argument '--with-opensc'
- Compile and install
- Extract a public key from your SmartCard in OpenSSH format
(e.g. with 'opensc-ssh -c <certificate ID> -k -o <file>')
- Transfer the public key to desired server
- Run OpenSSH with 'ssh -I <reader num>[:<certificate ID>] <host>'
(e.g. '-I 0:45' uses first available reader and certificate with
ID 45h, '-I 0' uses the first found certificate')
With luck you should be authenticated and ready to go. If it won't work,
try enabling debug information with the '-d' switch.
NOTE: PIN code is not asked by ssh when connecting. If you haven't
authenticated for the private key when connecting with PIN code,
verify the PIN with e.g. pkcs15-crypt tool.
--
Markku Degerholm <mdegerho@cc.hut.fi>