smart card login system

Alex Mauer hawke at
Thu May 3 18:16:53 UTC 2007

Brian Fahrlander wrote:
> Tomoki Taniguchi wrote:
>> I am trying to find instructions on replacing/augmenting the login
>> procedure by using a smart card reader.
>> I want to either replace the standard username and password login
>> system completely,
>> or augment the system by requiring the insertion of the smart card
>> pior to being able to login
>> Can anyone help me find instructions on how to get this to work with ubuntu?
>    The operative part is called PAM, Pluggable Authentication Modules.
> If you'll look into some LDAP setups, you'll see how they add another
> means of authenticating to the existing system.  Reading up on PAM is a
> great start.
>     You'll have to have some code that reads the device, let PAM know
> about it...and exactly what else is unclear.

That should be pretty much it.  Relevant packages in Ubuntu:
libpam-poldi (OpenPGP smart cards)
libpam-p11 (PKCS#11 smart cards)
libpam-rsa (not really a smartcard, just an RSA key on a USB drive)
libpam-musclecard (MuscleCard smartcards)

Just to note though: configuring PAM is a major pain in the butt, and
very very hard to get right.

-Alex Mauer "hawke"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the ubuntu-users mailing list