On Tue, Oct 07, 2008 at 04:37:58PM -0500, Douglas E. Engert wrote: > The smart card reader (I am using a USB reader) is similar to the kbd, mouse > screen, speakers, microphone, dvd, and other locally attached USB devices. > They should be usable only by the console user. So what would it take > to add the smart card reader to this list of devices?
First, Solaris supports a notion of multiple seats, including remote seats (e.g., via Sun Ray). Second, the smartcard needs to be accessible during authentication. That is, before we know who the console user is. > Login type functions like pam_krb5, pam_pkcs11, and kinit > with PKINIT could tell libpkcs11 to include local reader devices. Sure. How? That is, via what PKCS#11 interface? (I'm not a PKCS#11 expert; apologies if there's something obvious.) Nico --
