Anyone know how to configure Fedora to use a smartcard for user login/authentication?
I know that pam has a smartcard module, but I have no idea how to use it. Documentation on the web seems to be pretty old, probably obsolete.
A pointer to a web site with working instructions would be much appreciated. I can ditch my Windows box at work if I can get this working.
Regards,
John
john wendel wrote:
Anyone know how to configure Fedora to use a smartcard for user login/authentication?
I know that pam has a smartcard module, but I have no idea how to use it. Documentation on the web seems to be pretty old, probably obsolete.
A pointer to a web site with working instructions would be much appreciated. I can ditch my Windows box at work if I can get this working.
Regards,
John
Hi John,
Could you tell us more about the smart card device? How is it hooked up to yur computer? Is it a part of the computer? More details would be helpful,
-David
PS: Maybe with what you learn in this experience, you could write an up-to-date guide.
On 03/25/2010 09:14 PM, john wendel wrote:
Anyone know how to configure Fedora to use a smartcard for user login/authentication?
I know that pam has a smartcard module, but I have no idea how to use it. Documentation on the web seems to be pretty old, probably obsolete.
A pointer to a web site with working instructions would be much appreciated. I can ditch my Windows box at work if I can get this working.
The primary RPM is pam_pkcs11. If you want GDM logins, install the gdm-plugin-smartcard RPM as well.
As to configuration, point a web browser at
file:///usr/share/doc/pam_pkcs11-0.5.3/pam_pkcs11.htm
Skip down to chapter 5, as it's already been compiled and installed. Note that the stuff in Chapter 7 of that document about login autodetect is handled by the gdm-plugin-smartcard RPM.
The gdm login stuff is pretty simple. GDM will display a "Smartcard" user. Select it and hit ENTER. It should see your smartcard and ask for a PIN. Off you go. ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer, C2 Hosting ricks@nerd.com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - "Do you suffer from long-term memory loss?" "I don't remember" - - -- Chumbawumba, "Amnesia" (TubThumping) - ----------------------------------------------------------------------