2991 – make openssh ask for pin only when needed

Bug 2991 - make openssh ask for pin only when needed

Summary: make openssh ask for pin only when needed

Status:	CLOSED FIXED

Alias:	None

Product:	ThinLinc
Classification:	Unclassified
Component:	Client (show other bugs)
Version:	pre-1.0
Hardware:	PC Linux

Importance:	P2 Enhancement
Target Milestone:	4.0.0
Assignee:	Pierre Ossman

URL:
Keywords:	hean01_tester

Depends on:
Blocks:

Reported:	2009-01-20 11:30 CET by Pierre Ossman
Modified:	2012-11-28 12:10 CET (History)
CC List:	0 users

See Also:
Acceptance Criteria:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Pierre Ossman cendio

2009-01-20 11:30:02 CET

Currently Red Hat's smart card patch for OpenSSH makes it ask for a PIN when enumerating the crypto tokens. This means that the user will enter the PIN even though the client might fail to connect to the server, or that the server won't accept the public key.

We should modify the code to only ask for the PIN once it actually needs it.

Comment 1 Pierre Ossman cendio

2012-10-01 11:00:46 CEST

This got fixed when we moved the smart card handling into tlclient.

Comment 2 Henrik Andersson cendio

2012-10-15 11:37:51 CEST

Tested using client build 3680, running tlclient with -d5 for alot of debug, i can verify that when "NEXT AUTHMETHOD: publickey" the pin dialog is showed, which somewhat confirms that ssh connection is up and pubkey auth stage has been reached berfore pin dialog is shown.

Comment 3 Henrik Andersson cendio

2012-10-15 12:22:06 CEST

Also tests was performed without the key on serverside, which brung
the dialog that the user was not authorized to connected to the server.

Note You need to log in before you can comment on or make changes to this bug.