diff options
| author | Jim Rees <rees@cvs.openbsd.org> | 2001-07-26 22:19:43 +0000 |
|---|---|---|
| committer | Jim Rees <rees@cvs.openbsd.org> | 2001-07-26 22:19:43 +0000 |
| commit | 5d56aaf83e71f55f713f88d1d3cb8972a3a35e82 (patch) | |
| tree | 10e4420e7090059da61534dcbad4df856b39b38a /usr.bin/ssh | |
| parent | e07abeaf01e979a706a0593ee59f1ee1af177479 (diff) | |
add instructions for changing the passphrase
Diffstat (limited to 'usr.bin/ssh')
| -rw-r--r-- | usr.bin/ssh/README.smartcard | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/usr.bin/ssh/README.smartcard b/usr.bin/ssh/README.smartcard index 7587a86c97d..d0134cfbf6e 100644 --- a/usr.bin/ssh/README.smartcard +++ b/usr.bin/ssh/README.smartcard @@ -37,11 +37,27 @@ need to: In spite of the name, this does not generate a key. It just loads an already existing key on to the card. -(5) tell the ssh client to use the card reader: +(5) optional: + + Change the card password so that only you can + read the private key: + + $ sectok + sectok> login -d + sectok> setpass + sectok> quit + + This prevents reading the key but not use of the + key by the card applet. + + Do not forget the passphrase. There is no way to + recover if you do. + +(6) tell the ssh client to use the card reader: $ ssh -I 1 otherhost -(6) or tell the agent (don't forget to restart) to use the smartcard: +(7) or tell the agent (don't forget to restart) to use the smartcard: $ ssh-add -s 1 |