⭕9A

PIV: Authentication

This certificate and its associated private key is used to authenticate the card and the cardholder. This slot is used for things like system login. The main purpose of the slot 9A key is for authentication, or more specifically, tasks like SSH.

PIN POLICY: PIN must be provided to perform any private key operations. PIN can be cached / remembered for a short period of time. PIN policy can only be changed for a slot if PIV certificate imported using ykman command-line.

The instructions on this page are used for the tutorial SSH Authentication.

Two different tutorials on generating this certificate / key are available to choose from depending on your perferred method:

Method	Desc
Microsoft Certreq	Generates a certificate for this slot using the Microsoft Certreq command-line.
OpenSSL	Generates this certificate using the OpenSSL library.