Go to content

SSH OpenSSH

Guide to using OpenSSH with PKCS11

Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an insecure network. The best known application example is for remote user login to computer systems.

SSH provides a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command line login and remote command execution, but any network service can be secured with SSH.

OpenSSH is a remote access tool that uses the SSH protocol. Instructions for installing it on Windows can be found here.

Environment configuration

  1. Install the HSM client (minimum version 4.7.10). This can be downloaded.

  2. Configuring PKCS11 using DINAMOcon.

  3. To use OpenSSH, you need to configure the user/password and ip in the PKCS11 tab of DINAMOcon's Environment Configuration. After opening DINAMOcon, click on Environment Configuration and then on the PKCS11 menu. Fill in the fields and apply the configuration.

    Dinamocon PKCS11
    Dinamocon PKCS11

  4. Certificates in the HSM need to have an association with the key; if it hasn't been imported by DINAMOcon, you may need to create this association. The key and the certificate also need to be named correctly, with the certificate having the same name as the key with a __cer_ postfix. To create the association, simply open the certificate table by going to Certificates on the home screen and then clicking on the Certificates menu.

    Dinamocon Certificates
    Dinamocon Certificates

Using OpenSSH

To use OpenSSH, simply open a prompt and use the command:

ssh -I c:\library_directory\tacndp11.dll

By default the library is installed in the path:

C:\Program  Files\Dinamo  Networks\HSM Dinamo\sdk\c