Hi Sim, Here are some yes-only-questions to track down the problem:
1. Does mucleTool's encrypt and PIN-authentication work with your musclecard/terminal/pcsc setup? 2. Does an 'ldd pam_musclecard.so' find all linked libraries, with an unset LD_LIBRARY_PATH? 3. If you use a Root CA cert, is it configured in /etc/pam-muscle.conf; is your card cert signed by this CA cert? or 3. If you use a user cert, is it configured in /etc/pam-muscle.conf? 4. Does your system have an account named exactly like the first part of the email field in the DN entry of your X509 card cert? I cannot test the effects of the following, since my distributin uses a slightly different pam setup, this is more a suggestion: login: #%PAM-1.0 auth required /lib/security/pam_securetty.so #auth required /lib/security/pam_stack.so service=system-auth auth required /lib/security/pam_musclecard.so auth required /lib/security/pam_nologin.so account required /lib/security/pam_stack.so service=system-auth password required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_stack.so service=system-auth session optional /lib/security/pam_console.so Maybe someone else has more experience with your setup. Cheers Martin _______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.musclecard.com/mailman/listinfo/muscle
