Doug Engert
Doug Engert
You originally said: "I do not understand why both OpenPGP and PKCS11 cannot be used at the same time." I believe this caused by (As Mouse said:) "the bone-headed GnuPG...
Also note https://piv.idmanagement.gov/engineering/ssh/ is a U.S Gov site which says to download PuTTY-CAC v0.70u5 from https://www.github.com/NoMoreFood/putty-cac/releases It has Putty based on 0.73. (CAC cards are used in the military and...
Maybe. If you have a Yubico with only OpenPGP certs it would make the testing easier. Putty-CAC may not be able to handle a 4096 byte. In Putty-CAC SSH->Certificates cspi...
Trying to use 32bit vs 64-bit is to complicated. Putty uses the registry to hold sessions `HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions` (SimonTatham is original author of Putty) This means sessions can be mixed up....
And one other alternative. Use some combination of the Yubico PKCS11 and ykmd.dll or windows PIV driver Change the opensc.conf to 'card_drivers = openpgp;` Dont use the GunPG stuff at...
You may want to try [OpenSC 0.20.0-rc3](https://github.com/OpenSC/OpenSC/releases) but note that some of the command line options have changed. You must use `pkcs15-tool --read-certificate ` Also try to list all objects:...
Putty-CAC shows the certificates in order to allow the user to select one. Using the NIST demo card 1, I selected the Auth cert then saved a Putty session "nist-demo-1-9A"...
If you really want OpenPGP and are willing to make changes to Putty-CAC you could use a OpenPGP card without certificates. Using PKCS11-SPY and a NIST demo 1 card, SPY...
OpenSC currently can only access one applet per card, because of how it loads drivers. It cannot load two drivers that access the same card but different applets. See #1263...
pkcs11-tool calls C_SetPIN with pOldPin and pNewPin. Many smartcards have a "PUK" used by the user to unlock the user pin. But PKCS11 does not define a "PUK". So it...