Dear Friends, I am trying to understand why my card gets locked.
I am testing a legacy crypto card with: * Evolution configured to load X.509 certificates. * ssh-add -s /usr/lib/opensc-pkcs11.so (gnome-keyring). * pam_p11 or pam_pkcs11 At some point, the card gets locked. # By default, the OpenSC PKCS#11 module will lock your card # once you authenticate to the card via C_Login. # This is to prevent other users or other applications # from connecting to the card and perform crypto operations # (which may be possible because you have already authenticated # with the card). Thus this setting is very secure. # # This behavior is a known violation of PKCS#11 specification, # and is forced due to limitation of the OpenSC framework. # # However now once one application has started using your # card with C_Login, no other application can use it, until # the first is done and calls C_Logout or C_Finalize. # In the case of many PKCS#11 application this does not happen # until you exit the application. # # Thus it is impossible to use several smart card aware # applications at the same time, e.g. you cannot run both # Firefox and Thunderbird at the same time, if both are # configured to use your smart card. # # Default: true lock_login = false; Any idea? What is the support for lock_login. What information do you need to debug? Of course, my setup is PCSC+libCCID. IMHO this needs to be fixes for OpenSC to become widely used under GNU/Linux. Kind regards, Jean-Michel -- Jean-Michel Pouré - Gooze - http://www.gooze.eu _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel