Oh... If you wish to have LOCAL smartcard login, GINA is the right solution. But I fail to see how it extend security... :)
Example... you require smartcard to access the computer, I turn it off and boot from CDROM and access your files. Or... you require smartcard to access the computer, I turn it off and remove the harddrive and read its contents. Local security may be achieved by simply encrypting the disk (with/without) smartcard. Alon. On Tue, Feb 9, 2010 at 12:49 PM, Andreas Jellinghaus <a...@dungeon.inka.de> wrote: > Am Dienstag 09 Februar 2010 10:43:04 schrieb Alon Bar-Lev: >> No need to change gina, simple configuration will do if the CSP is >> written properly. > > but the default GINA still requires (for smart card authentication) > that the machine is part of an active directory domain, and that > the domain administrator configured smart card authentication > (e.g. by using microsoft CA connecting it with AD somehow) - I guess? > > thus pGina would be a lightwight variant to use with standalone > computers? (if it has a smart card plugin. not sure, but the > web page and forums look like it is a dead project - not many > messsages in quite a while...) > > documenting a test case for smart card authentication would be nice, > even if all that complexity is required with official microsoft > products. pGina could still be mentioned as an alternative for > different setups. > > Regards, Andreas > _______________________________________________ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel > _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
