john wendel wrote:
Anyone know how to configure Fedora to use a
smartcard for user
login/authentication?
I know
that pam has a smartcard module, but I have no idea how to use
it. Documentation on the web seems to be pretty old, probably obsolete.
A pointer to a web site with working instructions would be much
appreciated. I can ditch my Windows box at work if I can get this working.
Regards,
John
Hi John,
Could you tell us more about the smart card device? How is it hooked up to yur computer? Is it a part of the computer? More details would be helpful,
-David
PS: Maybe with what you learn in this experience, you could write an up-to-date guide.
I know of two devices. A smart card reader and a USB plug in smart card device (www.spyrus.com or other vendor).
You have to start the Fedora smart card driver, and then use the smart card interface software that comes with the card, or you have to write your own.
The one I use is the USB device (with windows). An API was written to interface to the device. One has a protocol to respect. The actual communication with the card is via the Fedora interface.
------------------
Regards Leslie Mr. Leslie Satenstein
mailto leslies@itbms.biz www.itbms.biz
On 03/27/2010 02:56 PM, Leslie S Satenstein wrote:
john wendel wrote:
Anyone know how to configure Fedora to use a smartcard for user login/authentication?
I know that pam has a smartcard module, but I have no idea how to use it. Documentation on the web seems to be pretty old, probably obsolete.
A pointer to a web site with working instructions would be much appreciated. I can ditch my Windows box at work if I can get this
working.
Regards,
John
Hi John,
Could you tell us more about the smart card device? How is it hooked up to yur computer? Is it a part of the computer? More details would be helpful,
-David
PS: Maybe with what you learn in this experience, you could write an up-to-date guide.
I know of two devices. A smart card reader and a USB plug in smart card device (www.spyrus.com or other vendor).
You have to start the Fedora smart card driver, and then use the smart card interface software that comes with the card, or you have to write your own.
The one I use is the USB device (with windows). An API was written to interface to the device. One has a protocol to respect. The actual communication with the card is via the Fedora interface.
*------------------
Regards
Leslie
*Mr. Leslie Satenstein
mailto:lsatenstein@yahoo.com mailto leslies@itbms.biz www.itbms.biz
Thanks for the interest. Rick Stevens posted what looks to be the cookbook solution to the problem, using the pam_pkcs11 software. Googling for pam_pkcs11 points to a great website with lots of instructions.
The card reader I have is integrated into a Dell keyboard, with a USB connection to the computer. Next week, I'll boot the box with a live cd and run lsusb to get the details.
I intend to document the process (in great detail) as I go, and I'll publish the results.
Regards,
John