ben wrote: > Hello, > I am wanting to play around with smart card authentication and PGP > key storage, and hoping for some advice. All the examples that I have > seen for smart card login for linux appear to use a java card, or are > vague. The only example for PGP I have seen uses the basic card, and I > have not found any examples for use with pkinit. my current Sandbox > configuration is built around MIT's kerberos distribution (debian > stable), but as I am still expermenting at this stage if another > platform has better suport, I'm willing to look at options. > > thanks for your time and sugestions,
PKINIT is designed to use PKI, with certificates issued by a CA trusted by the Kerberos KDC. So in effect you login to the KDC, that the local machine trusts. You may also want to look at Muscle: http://www.musclecard.com/ that has an applet for smartcards, and OpenSC: http://www.opensc-project.org/opensc http://www.opensc-project.org/cgi-bin/mailman/listinfo that has support for many cards and has a pam_pkcs11 that might work with PGP authentication to a local machine. Ask on the OpenSC mail list. > ben > -- Douglas E. Engert <[email protected]> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
