ssh-smart v0.0.1

by Alexandre Dulaunoy adulau@conostix.com

ssh-smart is a basic proof-of-concept of ssh identity on smartcard. 
The smartcard, used to store the ssh identity, is a memory card (I2C 16KBIT/2048 bytes).


For the moment, we use the smartcard (from René Puls) program used to establish
communication with the reader and the memory card.
It has only been tested with the Towitoko chip drive micro but could work 
with other card reader terminal driver using the CT-API library.
The project is now only a proof-of-concept and a lot has to be done to have
a reliable to store ssh identity (and OpenPGP in futre) in a secure way.
The initial release is created to push and initiate idea, new concept and
software around this (or similar) idea. 


Don't hesitate to send me any comments.


DOWNLOAD
 
http://www.thinkingsecure.com/ssh-smart/files/

INSTALL

tar xvfz ssh-smart-0.0.1.tar.gz
cd ./ssh-smart-0.0.1
./compile 
... You will see a lot of ouput with the smartcard program compilation, if all is ok 
the compilation will be done.

DEPENDS 

Perl 5
CT-API driver lib (check http://www.linuxnet.com/)

USING

./ssh-smart-add

 This program call ssh-keygen and put the ssh identity on the smartcard. This program 
 is normally used once. 


./ssh-smart-addagent

 This program reads the identity on the memory card and put it in the ssh-agent. 

BUGS/IDEA/PATCH

 report to adulau@conostix.com

TODO

* Use C instead of perl scripting.
* Multiple identity 
* Store with additional encryption and better data format
* Support of PIN memory card
* Debugging smartcard program


LICENSE

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, 
USA.