Subject: Re: Adding OpenSSLengine support to libssh2

From: Simon Josefsson <simon_at_josefsson.org>
Date: Mon, 15 Feb 2010 13:19:45 +0100

Lars Nordin <Lars.Nordin_at_SDlabs.se> writes:

> Hi,
>
> I'm planning to use libssh2 for an SSH client. I will use smartcards
> for the private keys, support for the SC is implemented as an OpenSSL
> engine.
>
> Therefore I will add OpenSSL Engine support in libssh2

Hi! Why is that needed? What's wrong with using the SSH agent
interface for dealing with smartcards? That works today; I'm using my
OpenPGP smart-card with libssh2. This design approach allows libssh2 to
be smaller, and all smart card related machinery to be isolated to the
ssh-agent implementation.

> and also make some other changes, like support for an entropy-file
> (like OpenSSH's .rnd file).
>
> I have made the SC-ENGINE and some other OpenSSL related stuff.
>
> My question is if there is anyone who has done any OpenSSL engine
> work previously in libssh2?

I did the work to abstract the crypto backend so that libssh2 works with
both libgcrypt and OpenSSL. I don't want to see that ability go away, so
please design your interfaces in an abstract way so nothing is OpenSSL
specific. Ideally, for smartcards, using SSH-Agent seems more robust,
but I may be missing something here.

/Simon
Received on 2010-02-15