HSM + OpenSC for ssh-keys - using pkcs11-lib without pin?

Background: I am currently trying to automate some server processes and want that a special user is connecting via ssh from one server to the next. witout HSM I could use keys without a passphrase, so that a public key (only) login is possible. I now try to secure the private key by using the HSM.
I currently run into the trouble, that I can’t provide the user pin for the HSM when I am using the ssh configuration with “PKCS11Provider /usr/local/lib/opensc-pkcs11.so
I could ignore the errors I get out of the library (C-GetAttributeValue failed: 18 ), but then I need to enter the UserPin. (The connection then works) .

Question: Is there trick to provide also the HSM User Pin to the library ? Maybe a special setting in opensc.conf ?

[Update] The errors “C-GetAttributeValue failed:18” are from keys on the HSM that could not be used with OpenSSH - strange behaviour of the opensc-pkcs11.so lib (should not throw an error)

The is no such mechanism to preset the PIN. You could need to create your own version of OpenSC to has such a mechanism implemented.

Thanks for the confirmation. I was afraid hearing that. Also some features are not working ( e.g. limitations of no of keys to read. ) :banana: software