Bug 2991 - make openssh ask for pin only when needed
Summary: make openssh ask for pin only when needed
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Client (show other bugs)
Version: pre-1.0
Hardware: PC Linux
: P2 Enhancement
Target Milestone: 4.0.0
Assignee: Pierre Ossman
Keywords: hean01_tester
Depends on:
Reported: 2009-01-20 11:30 CET by Pierre Ossman
Modified: 2012-11-28 12:10 CET (History)
0 users

See Also:
Acceptance Criteria:


Description Pierre Ossman cendio 2009-01-20 11:30:02 CET
Currently Red Hat's smart card patch for OpenSSH makes it ask for a PIN when enumerating the crypto tokens. This means that the user will enter the PIN even though the client might fail to connect to the server, or that the server won't accept the public key.

We should modify the code to only ask for the PIN once it actually needs it.
Comment 1 Pierre Ossman cendio 2012-10-01 11:00:46 CEST
This got fixed when we moved the smart card handling into tlclient.
Comment 2 Henrik Andersson cendio 2012-10-15 11:37:51 CEST
Tested using client build 3680, running tlclient with -d5 for alot of debug, i can verify that when "NEXT AUTHMETHOD: publickey" the pin dialog is showed, which somewhat confirms that ssh connection is up and pubkey auth stage has been reached berfore pin dialog is shown.
Comment 3 Henrik Andersson cendio 2012-10-15 12:22:06 CEST
Also tests was performed without the key on serverside, which brung
the dialog that the user was not authorized to connected to the server.

Note You need to log in before you can comment on or make changes to this bug.