>
> > I mean, will i still need a password? like pgp encrypt password phrase?
>
> You can use passwords *and* the smart card, but the way I have seen
> Sun use them, they treated them like ignition keys in a car. Stuff it
> in the card reader and hold onto your seat as you are logged in
> without touching the keyboard.
>
> You could probably store some wierd thing on the smart card that was
> encrypted (somehow) and needs a passphrase to decrypt (the data that
> was encrypted would be then used during the authentication). But this
> sounds like a big pain in the rear. You would also do this via PAM
> (likely).
I think you can store all kind of data, but the capacity of the smart card
is the limit. Anyways,
I was using them for user authentication. The good thing is that you can
block the smartcard after 3,4..
invalid enters. So this is quite flexible from secu. perspective.
>
> > What happens if i loose my smartcard?
>
> The guy who finds it can use it like you can. Root can reset the card
> authentication, if that is what you are angling at. Its just like
> your car keys.
>
Probably you get a newone, and the serviceprovider that is responsible for
the smartcards should make
the lost card invalid.
---
deJan
