[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Hardware device

On 12/3/22 17:46, Dennis Gnatowski wrote:
I’m trying to use the library with keys stored in a hardware device to transfer file(s) via SFTP to a remote server.

I did get things working using the sftp client (Linux) with the “-i <pkcs11 uri>” and “-o <PKCS11Provider=>” options.

This is OpenSSH, completely different implementation than libssh. But the usage should be as close as possible.

I tried putting the PKCS11 URI in the SSH_OPTIONS_IDENTITY option with no success.

What errors you got? Libssh 0.10.x should already have support for the pkcs11 uris.

How do I specify or pass-in the PKCS11 Provider to the library?

In Fedora, the libssh is using p11-kit proxy, which groups all the registered in p11-kit. Or you can pass the pkcs11 provider path through the pkcs11 uri.

Jakub Jelen
Crypto Team, Security Engineering
Red Hat, Inc.

Re: Hardware deviceDennis Gnatowski <dennis@xxxxxxxxx>
Hardware deviceDennis Gnatowski <dennis@xxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org