CVAD – No Smart Card PIN prompt seen when authenticating to Putty inside a published desktop
Article ID: CTX696658
Updated On:
Description
Putty works fine with Smart Card inside an RDP session.
Environment
Caution! Using Registry Editor incorrectly can cause serious problems that might require you to reinstall your operating system. Citrix cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. Be sure to back up the registry before you edit it.
Cause
Putty application exe is excluded from Citrix hooking including the smart card hook.
The Putty executable is pageant.exe and is incorrectly included in the UviPRocessExcludes registry key.
As a result, no Citrix hooks including scardhook.dll (Smart Card virtual channel hooking) are loaded for the process. Without the Smart Card Hook there is no PIN prompt.
Key: HKLM\SYSTEM\CurrentControlSet\services\CtxUvi
Value Name: UviProcessExcludes
Type: REG_SZ
Value: badapp1.exe;badlongname.ex;badapp2.exe
See https://support.citrix.com/s/article/CTX107825-how-to-disable-citrix-api-hooks-on-a-perapplication-basis
Resolution
Remove pageant.exe Entry from the UviPRocessExcludes key.
A reboot is needed for this to take effect.
Note – This scenario is not specific to Putty. If a specific application is working with Smart Cards, then the UviPRocessExcludes key should be verified.
One this is done it can be confirmed with Process Explorer that ScardHook.dll is loading in the process.
Smart Card PIN prompt should then be seen with the Putty Application.
Issue/Introduction
The PIN prompt is seen when using the smart card with other applications inside the Desktop Session.
Issue is only with Putty
