From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:45026) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fCNZH-0002zK-AG for guix-patches@gnu.org; Sat, 28 Apr 2018 06:59:04 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fCNZG-0004g4-Kt for guix-patches@gnu.org; Sat, 28 Apr 2018 06:59:03 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:33720) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1fCNZG-0004fw-GK for guix-patches@gnu.org; Sat, 28 Apr 2018 06:59:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1fCNZG-00088h-8V for guix-patches@gnu.org; Sat, 28 Apr 2018 06:59:02 -0400 Subject: [bug#31298] [PATCH 0/2] Add some packages related to security tokens Resent-Message-ID: Received: from eggs.gnu.org ([2001:4830:134:3::10]:44812) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fCNYD-0002ie-BX for guix-patches@gnu.org; Sat, 28 Apr 2018 06:57:58 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fCNYC-0004JO-OK for guix-patches@gnu.org; Sat, 28 Apr 2018 06:57:57 -0400 Received: from mail-pf0-x230.google.com ([2607:f8b0:400e:c00::230]:33117) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1fCNYC-0004J1-HD for guix-patches@gnu.org; Sat, 28 Apr 2018 06:57:56 -0400 Received: by mail-pf0-x230.google.com with SMTP id f15so3348647pfn.0 for ; Sat, 28 Apr 2018 03:57:56 -0700 (PDT) From: Chris Marusich Date: Sat, 28 Apr 2018 03:57:13 -0700 Message-Id: <20180428105713.18157-1-cmmarusich@gmail.com> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 31298@debbugs.gnu.org Cc: Chris Marusich Hi Guix! These two patches add opensc and yubico-piv-tool. The former is useful because, among other reasons, its PKCS#11 shared library can be used with an SSH agent to fetch credentials from a smart card (such as a YubiKey). The latter is useful for interacting with the PIV application on a YubiKey. I have verified that both of these work on my system for those purposes, with a YubiKey. To successfully use the OpenSC PKCS#11 shared library with an SSH agent, you need to take care to start your ssh-agent with the -P option to whitelist the path of the library's .so file. If you don't do that, then any attempt to invoke ssh-add with the -s option will fail with a generic message. Chris Marusich (2): gnu: Add opensc. gnu: Add yubico-piv-tool. gnu/packages/security-token.scm | 91 +++++++++++++++++++++++++++++++++ 1 file changed, 91 insertions(+) -- 2.17.0