Oh... If you wish to have LOCAL smartcard login, GINA is the right solution.
But I fail to see how it extend security... :)

Example... you require smartcard to access the computer, I turn it off
and boot from CDROM and access your files.
Or... you require smartcard to access the computer, I turn it off and
remove the harddrive and read its contents.

Local security may be achieved by simply encrypting the disk
(with/without) smartcard.

Alon.

On Tue, Feb 9, 2010 at 12:49 PM, Andreas Jellinghaus <a...@dungeon.inka.de> 
wrote:
> Am Dienstag 09 Februar 2010 10:43:04 schrieb Alon Bar-Lev:
>> No need to change gina, simple configuration will do if the CSP is
>> written properly.
>
> but the default GINA still requires (for smart card authentication)
> that the machine is part of an active directory domain, and that
> the domain administrator configured smart card authentication
> (e.g. by using microsoft CA connecting it with AD somehow) - I guess?
>
> thus pGina would be a lightwight variant to use with standalone
> computers? (if it has a smart card plugin. not sure, but the
> web page and forums look like it is a dead project - not many
> messsages in quite a while...)
>
> documenting a test case for smart card authentication would be nice,
> even if all that complexity is required with official microsoft
> products. pGina could still be mentioned as an alternative for
> different setups.
>
> Regards, Andreas
> _______________________________________________
> opensc-devel mailing list
> opensc-devel@lists.opensc-project.org
> http://www.opensc-project.org/mailman/listinfo/opensc-devel
>
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Reply via email to