Thu Jul 28 17:39:16 UTC 2016 , m.roth at 5-cent.us wrote:
What I used to do was ssh-add -s libcoolkeypk11.so. It would then ask for a PIN, and add it. Now, it still asks for the PIN, but then announces that it failed to add it to the agent.
Not sure if this is good or bad news :-/ On up to date RHEL6.8 the following looks like it worked.
$ ssh-add -D All identities removed. $ ssh-add -s libcoolkeypk11.so Enter passphrase for PKCS#11: Card added: libcoolkeypk11.so $ ssh-add -l #lists all three expected finger prints. $ ssh -XA PKIneedingUser@localhost [PKIneedingUser@localhost]$
Nothing good is ever easy.
Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract.