Huie-Ying Lee wrote:
Hmm, our 'smart cards' are USB tokens, but the name 'Token' seemed to confuse users more than 'Smart Card'. Even so most of our customers are still using "honest to God" smart cards.Hello,The pam_pkcs11 module assumpts that all PKCS#11 tokens are smartcards, so it will display "Smart card" key word in the PAM prompt message. However, most of the PKCS#11 tokens are not Smart cards. so we modified some prompt messages to avoid confusion when we ported this module to Solaris OS.
That being said, it's may be OK to move to 'Token' and start educating users. I would like the first prompt, however to as the user to insert their token. Removing the 'insert' verbage confused users who think smart card/token login is not enabled.
I would also prefer not to explicitly reference PKCS #11. While I, myself, like the standard and I'm encouraged to see it's development, this string shows up in the login screen for users trying to access their computers. They don't have a clue what a PKCS #11 module is.
bob
Attached is the patch file, please let me know if you have any comments. Thanks, Huie-Ying ------------------------------------------------------------------------ Index: src/pam_pkcs11/pam_pkcs11.c =================================================================== --- src/pam_pkcs11/pam_pkcs11.c (revision 340) +++ src/pam_pkcs11/pam_pkcs11.c (working copy) @@ -281,7 +281,7 @@} } else {pam_prompt(pamh, PAM_TEXT_INFO, NULL, - _("Please insert your smart card or enter your username.")); + _("Please enter your username.")); /* get user name */ rv = pam_get_user(pamh, &user, NULL);@@ -389,7 +389,7 @@} } } else { - pam_prompt(pamh, PAM_TEXT_INFO, NULL, _("Smart card inserted. ")); + pam_prompt(pamh, PAM_TEXT_INFO, NULL, _("Found the PKCS#11 slot with a token.")); } rv = open_pkcs11_session(ph, slot_num); if (rv != 0) { @@ -405,10 +405,10 @@ if (configuration->use_first_pass) { rv = pam_get_pwd(pamh, &password, NULL, PAM_AUTHTOK, 0); } else if (configuration->try_first_pass) { - rv = pam_get_pwd(pamh, &password, _("Smart card password: "), PAM_AUTHTOK, + rv = pam_get_pwd(pamh, &password, _("Token password: "), PAM_AUTHTOK, PAM_AUTHTOK); } else { - rv = pam_get_pwd(pamh, &password, _("Smart card password: "), 0, + rv = pam_get_pwd(pamh, &password, _("Token password: "), 0, PAM_AUTHTOK); } if (rv != PAM_SUCCESS) {------------------------------------------------------------------------_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
