version 1.2, 2001/07/26 20:22:13 |
version 1.3, 2001/07/26 22:19:42 |
|
|
In spite of the name, this does not generate a key. |
In spite of the name, this does not generate a key. |
It just loads an already existing key on to the card. |
It just loads an already existing key on to the card. |
|
|
(5) tell the ssh client to use the card reader: |
(5) optional: |
|
|
|
Change the card password so that only you can |
|
read the private key: |
|
|
|
$ sectok |
|
sectok> login -d |
|
sectok> setpass |
|
sectok> quit |
|
|
|
This prevents reading the key but not use of the |
|
key by the card applet. |
|
|
|
Do not forget the passphrase. There is no way to |
|
recover if you do. |
|
|
|
(6) tell the ssh client to use the card reader: |
|
|
$ ssh -I 1 otherhost |
$ ssh -I 1 otherhost |
|
|
(6) or tell the agent (don't forget to restart) to use the smartcard: |
(7) or tell the agent (don't forget to restart) to use the smartcard: |
|
|
$ ssh-add -s 1 |
$ ssh-add -s 1 |
|
|