On gio, 2014-03-20 at 11:29 +0200, Jussi Laako wrote: > On 20.3.2014 1:57, Bumjin Im wrote: > > Now I think we need to consider login manager which I didn't thought yet. > > I just integrated 0.0.2 version of TLM and as the version number > indicates, it is still early version, but eventually it would hopefully > address the needs on Tizen. There's also a preliminary NFC plugin (not > built yet in Tizen, needs more packages).
I would like to know more on that component but doc seem to be still in version 0.0.1. Have you some data to share or should I RTFC? > One way we were thinking of is to use gsignond for secondary key storage > layer and then to just have a master key in /etc/shadow. > Passphrase/tag/fob decrypts a master key that is then sent to PAM for > login authentication. Or alternatively write a PAM plugin that talks to > gsignond. Seems linked to https://01.org/gsso When do you plan to add it in tizen? Best regards José > gsignond can be easily used much like a smart card device. One way is to > use X.509 and then system uses a local symmetric key (equivalent of PIN) > to decrypt X.509 private key on NFC tag which can then be used to sign a > challenge to be verified against locally stored X.509 public key (cert). > This way private key is not stored on the system while the private key > on the NFC can only be read by the system it belongs to. It also allows > other uses of the X.509 such as S/MIME or purchases. > > Or alternatively use a stack of encrypted key files. > > _______________________________________________ > Dev mailing list > [email protected] > https://lists.tizen.org/listinfo/dev _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
