You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on May 16, 2020. It is now read-only.
I'm trying to test this project using the following environment:
Raspberry pi 3 loaded with the latest Raspbian
Infineon OPTIGA SLB 9670XQ2.0
Patched kernel to enable the TPM usage.
I'm currently able to access and manage the TPM using the TSS libraries.
I've created the TPM key following the provided guide, copied the default config.sample file to ~/.tpm2/config but when I try to extract the public key using ssh-keygen I get the following error:
C_Initialize for provider /usr/lib/arm-linux-gnueabihf/pkcs11/libtpm2-pk11.so failed: 5
cannot read public key from pkcs11
Do you have any idea why this happens?
Thanks
The text was updated successfully, but these errors were encountered:
MMaiero
changed the title
Unable to access TPM
Unable to use OpenSSH with TPM
Sep 14, 2018
Please configure a log file in config and set the log level to 5 (debug) and upload the log file after running ssh-keygen. Could you also run tpm2_listpersistent so I have a overview of the available keys in the tpm?
Regarding the log file, I have not found documentation about it. I've just found an issue that suggested to setup the config file like this:
# Type can be device/socket/tabrmd
type device
# Hostname to connect when using socket
hostname localhost
# Port number of TPM socket to connect to
port 2321
# Device to use as TPM
device /dev/tpm0
# Sign using encrypt in case TPM doesn't support hash format
# For example SSH use SHA512 which isn't supported by all TPM's
# Enabling this option requires key's to be encryption keys instead of signing only keys
sign-using-encrypt true
# Set login_required in case keys are protected by a password
# Notice currently only a single password for all keys is supported
# Depending on the TPM settings, providing wrong passwords can lead to a lockout
login-required false
# Logging settings
# Supported log levels:
# 0=>None(no messages at all by default)
# 1=>Infomation(only errors and warning are recorded)
# 2=>Verbose(including errors, warnings and verbose logs)
# 3=>Debug(including errors, warnings and all debugging messages)
# The following lines will enable this experimental logging feature.
log-level 5
log /var/log/pk11.log
# Built-in keywords stderr and stdout may be used here.
# If you want to print the log messages directly on command line,
# change the "log /path/to/file.log" line like this:
# log stderr
is it correct? Because I'm getting no log file.
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I'm trying to test this project using the following environment:
I'm currently able to access and manage the TPM using the TSS libraries.
I've created the TPM key following the provided guide, copied the default config.sample file to ~/.tpm2/config but when I try to extract the public key using ssh-keygen I get the following error:
Do you have any idea why this happens?
Thanks
The text was updated successfully, but these errors were encountered: