After configuring pageant against a smartcard via CAPI, scp works.
Rebooting the machine, logging in and running pageant, scp works again, without asking the end user for the PIN to unlock the smartcard. This suggests the end user's PIN is being stored somewhere on the machine, compromising the PIN to anyone with access to the machine.
After configuring pageant against a smartcard via CAPI, scp works.
Rebooting the machine, logging in and running pageant, scp works again, without asking the end user for the PIN to unlock the smartcard. This suggests the end user's PIN is being stored somewhere on the machine, compromising the PIN to anyone with access to the machine.
Can this behaviour be confirmed?