mailing list archives
Re: Smart Card - Sun.
From: "Dejan" <sneaker () freemail org mk>
Date: Sat, 9 Nov 2002 18:27:23 +0100
I mean, will i still need a password? like pgp encrypt password phrase?
You can use passwords *and* the smart card, but the way I have seen
Sun use them, they treated them like ignition keys in a car. Stuff it
in the card reader and hold onto your seat as you are logged in
without touching the keyboard.
You could probably store some wierd thing on the smart card that was
encrypted (somehow) and needs a passphrase to decrypt (the data that
was encrypted would be then used during the authentication). But this
sounds like a big pain in the rear. You would also do this via PAM
I think you can store all kind of data, but the capacity of the smart card
is the limit. Anyways,
I was using them for user authentication. The good thing is that you can
block the smartcard after 3,4..
invalid enters. So this is quite flexible from secu. perspective.
What happens if i loose my smartcard?
The guy who finds it can use it like you can. Root can reset the card
authentication, if that is what you are angling at. Its just like
your car keys.
Probably you get a newone, and the serviceprovider that is responsible for
the smartcards should make
the lost card invalid.