diff --git a/doc/SSH_with_PIV_and_PKCS11.adoc b/doc/SSH_with_PIV_and_PKCS11.adoc index c75ba55..525c5d9 100644 --- a/doc/SSH_with_PIV_and_PKCS11.adoc +++ b/doc/SSH_with_PIV_and_PKCS11.adoc @@ -11,6 +11,8 @@ Prerequisites * a YubiKey Neo with the PIV applet loaded * the yubico-piv-tool software * the OpenSC software +* OpenSSH +** on OS X for ssh-agent to work a newer OpenSSH than is delivered with the system Steps ----- @@ -44,3 +46,13 @@ the target system. 6. Authenticate to the target system using the new key: $ ssh -I $OPENSC_LIBS/opensc-pkcs11.so user@remote.example.com + +7. This can also be setup to work with ssh-agent: (Optional) + + $ ssh-add -s $OPENSC_LIBS/opensc-pkcs11.so ++ +NOTE: On OS X this typically requires installation of a third-party OpenSSH from Homebrew or the like and using that ssh-agent. ++ +To See that the ssh-agent correctly finds that key and getting the public key in correct format: + + $ ssh-add -L