Matthias Barmeier wrote:
> Karsten Ohme schrieb:
>
>>Matthias Barmeier wrote:
>>
>>
>>>Hi,
>>>
>>>unfortunately login fails :( gdm says that he cannot read .muscle/user.cert.
>>>For now I cannot explain what wents wrong because the user.cert is readable
>>>for all.
>>
>>
>>Look in your /etc/musclepam/... or how it is called. Maybe the cert path
>>is not correct. It should look in ${HOME}/.muscle/user.cert.
>
> I checked it with login, but the same problem occurrs. This is my
> /etc/musclepam/pam-muscle.conf
>
> Debug = ON # Debug ON or OFF
> CertNumber = 0 # Certificate number to use
The above was your previous problem! The certNumber specifies the key to
use and this is 0! So the keys 1 and 2 never worked. This is mentioned
in the README, but not clearly enough.
> PinNumber = 1 # Pin number to verify
> UserPath = /home/ # Path to user home directory
Try to comment the UserPath out. Maybe this helps.
> CertName = user.cert # User Certificate in DER format
> RootCACert = /etc/musclepam/root.cert # Root CA certificate
> LDAPHost = unsupported # Web-server with LDAP
> LDAPPath = unsupported # Search path in LDAP
> AuthMode = UserCert # RootCert or UserCert - see README
Karsten
>
> -----
> My auth log says this:
>
> Nov 27 15:25:18 endavor login[5314]: cannot read certificate from
> /home/barmeier/.muscle/user.cert
> ------
>
> But:
> [EMAIL PROTECTED]:/home$ more /home/barmeier/.muscle/user.cert
> -----BEGIN PUBLIC KEY-----
> MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9zeF3Fe1j+bZci9H0xbGvX/U7
> 61hC/jqvmHxcB8CVzEx6ajlErq5d78/j92YPKMU/mjVcogQ+IjvDhHOociaOwfaY
> UmdUSZ9VgVa5MTl+N6s9Frr9p1Q0pPXLTNm13rPU2LJaInHp6eAy7rs1VVawA0pr
> MmaBZxz+OrChmMi3bQIDAQAB
> -----END PUBLIC KEY-----
>
>
> And same as root:
> endavor:/home# more /home/barmeier/.muscle/user.cert
> -----BEGIN PUBLIC KEY-----
> MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9zeF3Fe1j+bZci9H0xbGvX/U7
> 61hC/jqvmHxcB8CVzEx6ajlErq5d78/j92YPKMU/mjVcogQ+IjvDhHOociaOwfaY
> UmdUSZ9VgVa5MTl+N6s9Frr9p1Q0pPXLTNm13rPU2LJaInHp6eAy7rs1VVawA0pr
> MmaBZxz+OrChmMi3bQIDAQAB
> -----END PUBLIC KEY-----
>
> The login fails everytime.
> This my console output when logging in:
> endavor login: barmeier
> Welcome
> Please enter pin:
> pin = 00000000
>
> Random value =
> 2cbf473d171bd55ea2aee9a96b0588dba7275d40b7fb724f297a707c103396029d4c7f6918dc5e22f41491d61273783d8cbed2d0a5b65a7503a54226ba88b9df1e88c373fbe065243ac8dd002f2b5314e88bd839560666791f0ba85b2d5d04e2f294a454913e2e587065ba2cf733c298b38712622a83deba68c17ceabb7d042d
>
> Cipher value =
> 20b637c2f27840d3b7c97a408178ef509e4cfec769ce50e7121396f3aae57ed2addd908e6d92a478d799e8b5e17182152bb437d59b62bc48f8d2c8bb761496ef7f9b226c97975764d7de0b855c6d68944b3062b9fc28320823d7c5ca76761241d3169b499ed818f1d854bfea7c5301ef194b4d5180666f7d88eb2f6e5c2f8cfb
>
> Password:
>
>
> Has my b2fs failed ??
> What can I do ??
>
> Ciao
> Matze
>
>
>
>>And enable DEBUG in this file. gdm is not a suitable way to log in and
>>to find the error. You must do it at the console, so you can see the
>>debug infos.
>>
>>Karsten
>>
>>
>
> _______________________________________________
> Muscle mailing list
> [email protected]
> http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
