X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/510132b69d4fdceca750f6de39b2be84c49006c8..9f2c8cb950fea61c599edeb9721aca66f4bd61f6:/openssh/README.smartcard diff --git a/openssh/README.smartcard b/openssh/README.smartcard index 29bec8d..69dca15 100644 --- a/openssh/README.smartcard +++ b/openssh/README.smartcard @@ -1,22 +1,25 @@ How to use smartcards with OpenSSH? -OpenSSH contains experimental support for authentication using Cyberflex -smartcards and TODOS card readers, in addition to the cards with PKCS#15 -structure supported by OpenSC. +OpenSSH contains experimental support for authentication using +Cyberflex smartcards and TODOS card readers. -WARNING: Smartcard support is still in development. -Keyfile formats, etc are still subject to change. +WARNING: Smartcard support is still in development. Keyfile formats, etc +are still subject to change. -To enable sectok support: +To enable this you need to: -(1) install sectok: +(1) install sectok - Sources and instructions are available from + Sources are instructions are available from http://www.citi.umich.edu/projects/smartcard/sectok.html -(2) enable sectok support in OpenSSH: +(2) enable SMARTCARD support in OpenSSH: - $ ./configure --with-sectok[=/path/to/libsectok] [options] + $ ./configure --with-smartcard [options] + + You can also specify a path to libsectok: + + $ ./configure --with-smartcard=/path/to/libsectok [options] (3) load the Java Cardlet to the Cyberflex card: 
@@ -27,11 +30,12 @@ To enable sectok support: (4) load a RSA key to the card: - Please don't use your production RSA keys, since + please don't use your production RSA keys, since with the current version of sectok/ssh-keygen - the private key file is still readable. + the private key file is still readable - $ ssh-keygen -f /path/to/rsakey -U + $ ssh-keygen -f /path/to/rsakey -U 1 + (where 1 is the reader number, you can also try 0) In spite of the name, this does not generate a key. It just loads an already existing key on to the card. @@ -56,30 +60,13 @@ To enable sectok support: wrong passphrase three times in a row, you will destroy your card. -To enable OpenSC support: - -(1) install OpenSC: - - Sources and instructions are available from - http://www.opensc.org/ - -(2) enable OpenSC support in OpenSSH: - - $ ./configure --with-opensc[=/path/to/opensc] [options] - -(3) load a RSA key to the card: - - Not supported yet. - -Common smartcard options: - -(1) tell the ssh client to use the card reader: +(6) tell the ssh client to use the card reader: - $ ssh -I otherhost + $ ssh -I 1 otherhost -(2) or tell the agent (don't forget to restart) to use the smartcard: +(7) or tell the agent (don't forget to restart) to use the smartcard: - $ ssh-add -s + $ ssh-add -s 1 -markus, -Sat Apr 13 13:48:10 EEST 2002 +Tue Jul 17 23:54:51 CEST 2001
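Review bot: In the first hunk (@@ -1,22 +1,25 @@), the added line under step (1) reads "Sources are instructions are available from", a typo the removed line did not have; it should remain "Sources and instructions are available from". The same hunk renames the documented configure switch from --with-sectok to --with-smartcard and drops the sentence about PKCS#15 cards supported by OpenSC, so the change description should state whether the old switch is still accepted and whether OpenSC cards are no longer supported by this tree or only no longer documented.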
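Review bot: In the second hunk (@@ -27,11 +30,12 @@), the step (4) warning is the only security caveat for key loading, yet the new wording loses its capital letter and final period and still does not say which private key file stays readable or what the user should do about it. Suggest keeping it as a full sentence and stating the consequence, for example that a key loaded this way should be treated as exposed and used for testing only. The added "(where 1 is the reader number, you can also try 0)" asks the user to guess; a short note on how to find the reader number would be more useful than trial and error.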
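Review bot: In the third hunk (@@ -56,30 +60,13 @@), the trailer date moves backwards from "Sat Apr 13 13:48:10 EEST 2002" to "Tue Jul 17 23:54:51 CEST 2001", the "-markus," line is dropped and the whole "To enable OpenSC support" section is deleted, which reads like a rollback to an older README; if that is intended, the commit message should say so. The examples "ssh -I 1 otherhost" and "ssh-add -s 1" now hard-code reader 1 without repeating the reader-number explanation given in step (4), so either repeat it here or refer back to that step.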