tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

multi-personality devices on NetBSD especially Yubikey devices



Hello,
There are a couple of ways of using a yubikey as a certificate source
for use with SSH. One is as a CCID device via PC/SC Lite and the other
is via GPG.
Going down the former approach, using PC/SC Lite to get setup from
scratch (ignoring keygen), install pcsc-lite (as the middleware) and
opensc (for the drivers). On NetBSD, as ukbd is attached to the yubikey,
pcscd is unable to communicate with the device requiring a kernel built
with device id hard-coded to attach to ugen.
This doesn't seem to be an issue on FreeBSD (install pcsc-lite & opensc
then off you go).
I was wondering what the difference is in our USB stacks where pcscd can
still communicate with the Yubikey without change?

I also stumbled across this old post which takes the approach of adding
a new knobs so you can re-attach a device as ugen on the fly but I can't
comment on the suitability.
https://nonakap.hatenablog.com/entry/2015/12/24/000700


Sevan


Home | Main Index | Thread Index | Old Index