Hi Markus, Poldi tutorials are outdated. The new versions is configured differently. Poldi 0.4.1 works flawlessly with my Cryptostick token (OpenPGP card V2) for PAM authentication
I used the default /etc/poldi/poldi.conf *auth-method localdb log-file /var/log/poldi.log debug scdaemon-program /usr/bin/scdaemon * Added one line to /etc/poldi/localdb/users with CryptoStick's serial number (get it from gpg --card status | grep Application) : *D1234678912346789123467891234678 alpha* And they dumped the public key from my Cryptostick into poldi local db: *sudo poldi-ctrl -k > /etc/poldi/localdb/keys/* D1234678912346789123467891234678 The rest is pretty standard as it requires to modify pam configuration files. I keep the possibility to log in with password for the moment so I just added in /etc/pam.d/gdm /etc/pam.d/login /etc/pam.d/sudo /etc/pam.d/gnome-screensaver: *auth sufficient pam_poldi.so* That's it really! One more thing, for better stability I recommend to disable opensc daemon when using Cryptostick. I had it enabled because I was playing with a PKCSC#11 token and got all sort of problems. I also had opensc-pkcs11.so module loaded in Thunderbird that had a tendency to restart opensc daemon also. So best is to disable it too.
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
