- markus@cvs.openbsd.org 2010/02/08 10:50:20

[pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c] [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5] replace our obsolete smartcard code with PKCS#11. ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11 provider (shared library) while ssh-agent(1) delegates PKCS#11 to a forked a ssh-pkcs11-helper process. PKCS#11 is currently a compile time option. feedback and ok djm@; inspired by patches from Alon Bar-Lev `
author: Damien Miller <djm@mindrot.org> 2010-02-12 09:21:02 +1100
committer: Damien Miller <djm@mindrot.org> 2010-02-12 09:21:02 +1100
commit: 7ea845e48df6d34a333ebbe79380cba0938d02a5 (patch)
tree: 44ab0d3fdfe0560b7ca92f5747e9dd5d012aea18 /pathnames.h
parent: 17751bcab25681d341442fdc2386a30a6bea345e (diff)
download: openssh-git-7ea845e48df6d34a333ebbe79380cba0938d02a5.tar.gz
1 files changed, 6 insertions, 1 deletions
diff --git a/pathnames.h b/pathnames.h
index 80c5d9cb..32b9e065 100644
--- a/pathnames.h
+++ b/pathnames.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pathnames.h,v 1.17 2008/12/29 02:23:26 stevesk Exp $ */
+/* $OpenBSD: pathnames.h,v 1.18 2010/02/08 10:50:20 markus Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -125,6 +125,11 @@
 #define _PATH_SSH_KEY_SIGN		"/usr/libexec/ssh-keysign"
 #endif
 
+/* Location of ssh-keysign for hostbased authentication */
+#ifndef _PATH_SSH_PKCS11_HELPER
+#define _PATH_SSH_PKCS11_HELPER		"/usr/libexec/ssh-pkcs11-helper"
+#endif
+
 /* xauth for X11 forwarding */
 #ifndef _PATH_XAUTH
 #define _PATH_XAUTH			"/usr/X11R6/bin/xauth"
author	Damien Miller <djm@mindrot.org>	2010-02-12 09:21:02 +1100
committer	Damien Miller <djm@mindrot.org>	2010-02-12 09:21:02 +1100
commit	7ea845e48df6d34a333ebbe79380cba0938d02a5 (patch)
tree	44ab0d3fdfe0560b7ca92f5747e9dd5d012aea18 /pathnames.h
parent	17751bcab25681d341442fdc2386a30a6bea345e (diff)
download	openssh-git-7ea845e48df6d34a333ebbe79380cba0938d02a5.tar.gz