Menu
▾
▴
Re: [Opensc-devel] Notes on OpenSC PAM integration
|
From: Jakub J. <jj...@re...> - 2021-01-21 13:37:46
|
On 1/18/21 7:59 PM, Kaya Saman via Opensc-devel wrote: > Hi, > > > upon advice I bought a Feitian A22 Java card. I managed to get it to > work with PAM integration and wanted to share my notes on the procedure > as a lot of the information was scattered around or using a previous > version of OpenSSL; eventually I used about 20 or more? different sites > to figure out the below. > > > Maybe it could be put onto a Wiki somewhere? It is working on Arch Linux > and a Lenovo P15 notebook with SmartCard Reader option installed. > Feel free to find a wiki to update or create a new one on github: https://github.com/OpenSC/OpenSC/wiki/ Or Arch has one wiki too if I am right. Note, that some of the paths and pam modules are really specific to Arch and they will not work in other distros. > > INSTALL > ------- > > INSTALL IsoApplet TO CARD AND GENERATE PUBLIC KEY: This generates also a private key (which is IMHO more important than the public one). But not sure where do you use this key as you generate one more later. The other possibility is to use sssd to handle the smart card authentication (to sudo, gdm, anything), which I consider a bit more straight-forward (but I do not have a guide at hand just now). Regards, -- Jakub Jelen Senior Software Engineer Crypto Team, Security Engineering Red Hat, Inc. |
