smartcard user authentication

[john wendel]

On 03/27/2010 02:56 PM, Leslie S Satenstein wrote:
>
> john wendel wrote:
>  > Anyone know how to configure Fedora to use a smartcard for user
>  > login/authentication?
>  >
>  > I know that pam has a smartcard module, but I have no idea how to use
>  > it. Documentation on the web seems to be pretty old, probably obsolete.
>  >
>  > A pointer to a web site with working instructions would be much
>  > appreciated. I can ditch my Windows box at work if I can get this
> working.
>  >
>  > Regards,
>  >
>  > John
>  >
> Hi John,
>
> Could you tell us more about the smart card device? How is it hooked up
> to yur computer? Is it a part of the computer? More details would be
> helpful,
>
> -David
>
> PS: Maybe with what you learn in this experience, you could write an
> up-to-date guide.
>
>
> I know of two devices. A smart card reader and a USB plug in smart card
> device (www.spyrus.com or other vendor).
>
> You have to start the Fedora smart card driver, and then use the smart
> card interface software that comes with the card, or you have to write
> your own.
>
> The one I use is the USB device (with windows). An API was written to
> interface to the device. One has a protocol to respect. The actual
> communication with the card is via the Fedora interface.
>
>
> *------------------
>
> *
>
> Regards
>
> *
> Leslie
> *
> *Mr. Leslie Satenstein
> *
>
> <mailto:lsatenstein at yahoo.com>
> mailto leslies at itbms.biz
> www.itbms.biz
>


Thanks for the interest. Rick Stevens posted what looks to be the 
cookbook solution to the problem, using the pam_pkcs11 software. 
Googling for pam_pkcs11 points to a great website with lots of instructions.

The card reader I have is integrated into a Dell keyboard, with a USB 
connection to the computer. Next week, I'll boot the box with a live cd 
and run lsusb to get the details.

I intend to document the process (in great detail) as I go, and I'll 
publish the results.

Regards,

John