Hi Alphazo, thanks for this great howto. I got it working right away. Where I still have problems: The gnome-keyring (seahorse), still demands the user-password. Also I often have to unplug and replug the reader to authenticate. This works, but it is very inconvenient.
Regards, Markus On 2010-11-27 08:31, wrote: > Hi Markus, > > Poldi tutorials are outdated. The new versions is configured > differently. Poldi 0.4.1 works flawlessly with my Cryptostick token > (OpenPGP card V2) for PAM authentication > > I used the default /etc/poldi/poldi.conf > /auth-method localdb > log-file /var/log/poldi.log > debug > scdaemon-program /usr/bin/scdaemon > / > Added one line to /etc/poldi/localdb/users with CryptoStick's serial > number (get it from gpg --card status | grep Application) : > /D1234678912346789123467891234678 alpha/ > > And they dumped the public key from my Cryptostick into poldi local db: > /sudo poldi-ctrl -k > > /etc/poldi/localdb/keys//D1234678912346789123467891234678 > > The rest is pretty standard as it requires to modify pam configuration > files. I keep the possibility to log in with password for the moment > so I just added in /etc/pam.d/gdm /etc/pam.d/login > /etc/pam.d/sudo /etc/pam.d/gnome-screensaver: > /auth sufficient pam_poldi.so/ > > That's it really! > > One more thing, for better stability I recommend to disable opensc > daemon when using Cryptostick. I had it enabled because I was playing > with a PKCSC#11 token and got all sort of problems. I also had > opensc-pkcs11.so module loaded in Thunderbird that had a tendency to > restart opensc daemon also. So best is to disable it too.
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
