smart card login system

Alex Mauer hawke at hawkesnest.net
Thu May 3 18:16:53 UTC 2007


Brian Fahrlander wrote:
> Tomoki Taniguchi wrote:
>> I am trying to find instructions on replacing/augmenting the login
>> procedure by using a smart card reader.
> 
>> I want to either replace the standard username and password login
>> system completely,
>> or augment the system by requiring the insertion of the smart card
>> pior to being able to login
> 
>> Can anyone help me find instructions on how to get this to work with ubuntu?
> 
>    The operative part is called PAM, Pluggable Authentication Modules.
> If you'll look into some LDAP setups, you'll see how they add another
> means of authenticating to the existing system.  Reading up on PAM is a
> great start.
> 
>     You'll have to have some code that reads the device, let PAM know
> about it...and exactly what else is unclear.
> 

That should be pretty much it.  Relevant packages in Ubuntu:
libpam-poldi (OpenPGP smart cards)
libpam-p11 (PKCS#11 smart cards)
libpam-rsa (not really a smartcard, just an RSA key on a USB drive)
libpam-musclecard (MuscleCard smartcards)

Just to note though: configuring PAM is a major pain in the butt, and
very very hard to get right.

-Alex Mauer "hawke"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20070503/7d43dd84/attachment.pgp>


More information about the ubuntu-users mailing list