Hi, this is Nao from the University of Michigan.
We did Kerberos authenticaion with a smartcard (user key stored in the card)
http://www.citi.umich.edu/techreports/reports/citi-tr-98-7.ps.gz
and SSH, PGP with a smartcard (private keys stored in the card)
http://www.citi.umich.edu/techreports/reports/citi-tr-98-8.ps.gz.
(both will appear in USENIX/Smartcard workshop in Chicago in May)
Although they are written in OpenBSD, if someone wants to, or wants me
to, extend them to Linux and integrate with PAM, I think we can do
that. If we can use smartcards for Kerberos, SSH and PGP in Linux, I
think it would be great (secure and convenient) ...
Pls. tell me what you think.
--
Naomaru Itoi <[EMAIL PROTECTED]>
Ph.D. candidate / GSRA
http://www-personal.engin.umich.edu/~itoi/
Center for Information Technology Integration, University of Michigan
http://www.citi.umich.edu/
> I think we are *really* on to something here - a truly useful
> Linux/smartcard app.
>
> At the moment, we are doing some work with smartcard authentication at UT,
> but for now it is restricted to NT 5 (build 1974). I sure would like to get
> my Linux box into that loop & be 1 step ahead for the "stampede" Dennis
> talks about ;^).
>
> Is there anyone working on card-based PAMs at this time?
>
> Regards,
>
>
>
> Eduardo
>
> [EMAIL PROTECTED]
>
>
> -----Original Message-----
> From: Morten Norman <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
> Date: Wednesday, March 03, 1999 11:50 AM
> Subject: Re: MUSCLE applications? (was: Re: Bouncer)
>
>
> ><snip>
> >>Single sign-on on Linux would be a valuable application.
> >>The market for this application is huge especially when
> >>the migration from NT to Linux becomes a stampede.
> >>
> >>Dennis Wier
> >
> >This gives some hope!
> >
> >There already is a demonstration PAM (Pluggable Authentication
> >Modules) application in MUSCLE! I guess someone will extend it when it's
> >"application time".
> >
> >My experience of PAM is almost nil, but as I understand, most Linuxes
> >already uses it. It's just that it asks for a password in the default
> >setup.
> >
> >Was it plug'n play they called it? :-)
***************************************************************
Linux Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/smartcard/index.html
***************************************************************