589 – scard-opensc.c: load only those keys for which there's a private key

Bug 589 - scard-opensc.c: load only those keys for which there's a private key

Summary: scard-opensc.c: load only those keys for which there's a private key

Status:	CLOSED FIXED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	Smartcard (show other bugs)
Version:	-current
Hardware:	All Linux

Importance:	P2 enhancement
Assignee:	OpenSSH Bugzilla mailing list

URL:
Keywords:

Depends on:
Blocks:

Reported:	2003-06-05 19:02 AEST by Nils Larsch
Modified:	2004-04-14 12:31 AEST (History)
CC List:	0 users

See Also:

Attachments
proposed fix (952 bytes, patch) 2003-06-05 19:04 AEST, Nils Larsch	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Nils Larsch 2003-06-05 19:02:50 AEST

sc_get_keys loads the public keys from every certificate stored
on the smartcard. Therefore public keys of CA certificate (or other
certs for which there's no corresponding private key on the smartcard)
are loaded into the ssh-agent. This has (at least) two drawbacks:
a) loading certificates from a smartcard is slow and
b) the useless public keys might confuse the user (which keys of the
   'ssh-add -L' output are actually usable in .ssh/authorized_keys).

Regards,
Nils

Comment 1 Nils Larsch 2003-06-05 19:04:00 AEST

Created attachment 324 [details]
proposed fix

Comment 2 Damien Miller 2003-06-05 19:19:50 AEST

Fix applied - thanks.

Comment 3 Damien Miller 2004-04-14 12:31:27 AEST

Mass change of VERIFIED bugs to CLOSED