[EMAIL PROTECTED] wrote:
> Hi there.
>
> I'm in a strange situation, my company has bought a smartcard system.
> Unfortunatly the system only works with windows terminals and I'd like
> to use it to authenticate users on linux boxes.
> I have installed the windows program and using an usb monitor i've
> been able to find out some of the commands and where the basic
> informations are.
>
> I know where the unique user id is stored. (i'm able to "read bin"
> it using scriptor for example)
> I also have dumps of the pin code verification. (it uses 04 20
> but i guess i could verify it without secure messaging for a start)
>
> I don't know exactly the content of the smartcard, and obviously i
> don't want to change it since it's mainly used by some other windows
> applications. (pretty sure I can't change it anyway)
>
> I'd like to be able to allow users to logon (gdm) using their
> card+pin_code.
> (the userid on the card is a valid unique unix username. i'm already
> using {pam,nss}-ldap)
>
>
> How could I easily achieve that ?
> Quickly looking at muscleframework sources (and also at opensc) i
> think i can adapt a card-driver. But before doing so, i prefer to ask
> if cleaner/easier soluion may alreay exist.
You can take MusclePAM:
http://svn.debian.org/wsvn/muscleapps/trunk/MusclePAM/?rev=0&sc=0
and communicate with pcsc-lite to the card using you reengineered APDUs.
Karsten
>
>
> also, it seems the windows program uses the "select file key" command
> (to authenticate the card if i understand correctly).
> What do I need to know/find to be able to do the same under linux ? (i
> guess i'm lacking some crucial informations/key here)
>
> any help would be greatly appreciated.
>
> thanks
>
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
