| Summary: | Secure PIN entry for smartcards through the keypad on the reader (patch) | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | Dirk-Willem van Gulik <dirkx> | ||||||||
| Component: | ssh | Assignee: | Assigned to nobody <unassigned-bugs> | ||||||||
| Status: | CLOSED FIXED | ||||||||||
| Severity: | enhancement | CC: | calderon.thomas, djm, dominik | ||||||||
| Priority: | P5 | ||||||||||
| Version: | -current | ||||||||||
| Hardware: | All | ||||||||||
| OS: | All | ||||||||||
| Bug Depends on: | |||||||||||
| Bug Blocks: | 2360 | ||||||||||
| Attachments: |
|
||||||||||
Created attachment 2569 [details]
Updated patch for same.
Created attachment 2570 [details]
Simplified/merged patch
Hi, I can confirm that this works with Gemalto and Xiring USB readers with PinPad. It would be greatly appreciated if this is merged for the next release. Cheers, Thomas. *** Bug 2185 has been marked as a duplicate of this bug. *** This has been committed and will be in openssh-6.9. The final patch is: https://anongit.mindrot.org/openssh.git/patch/?id=a71ba58adf34e599f30cdda6e9b93ae6e3937eea Close all resolved bugs after 7.3p1 release |
Created attachment 2435 [details] patch for secure PIN entry Folks, Find below a minor patch to allow the use of smartcards in readers that have their own PIN entry keypads (Secure PIN entry) such as the SPR332 and most german/medical chipcard devices. Tested on Solaris, FreeBSD and MacOSX against various cards and drivers. I’ve left the pkcs11_interactive check in place. Arguably - with some Secure PIN readers it may be better to move this just in front of the keyboard entry ONLY; as there are some secure PIN keypads that use means which are somewhat suitable to unattended operation. But I thought it better to let this wait until an actual use case warrants this and/or the need for a special flag/argument to control such. Thanks, Dw.