Re: Request for generic engine support
This is a discussion on Re: Request for generic engine support within the OpenSSH Development forums, part of the Networking and Network Related category; On 9 May 2008, at 03:36, Mccue, Richard Alan wrote: > >> How do you feel about PKCS#...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
4 Days Ago
|
|||
|
|||
Re: Request for generic engine support
On 9 May 2008, at 03:36, Mccue, Richard Alan wrote: > >> How do you feel about PKCS#11 ? > > I'm not sure the device I'm working with fits well with the PKCS#11 > token interface. The device is a little more complicated than a > smartcard. It can handle multiple private keys. If a dozen apps all > have different private RSA keys, each app can load its key > separately and have the device encrypt/decrypt with it. PKCS#11 is > on my list of things to investigate more deeply. Maybe later this > year I'll understand PKCS#11 a little better. Can you tell us what the device is and/or what engine you are trying to use? It sounds like an HSM - if it is then it almost certainly supports pkcs11. Using a pkcs11 enabled version of OpenSSH will most likely be easier than trying to support every different OpenSSL engine that a user might decide to use. John --- John Dickinson _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@mindrot.org https://lists.mindrot.org/mailman/li...enssh-unix-dev 
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 05:37 PM.
