From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1QBBHU-0003Rn-0g for garchives@archives.gentoo.org; Sat, 16 Apr 2011 19:35:47 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id B89C21C011; Sat, 16 Apr 2011 19:34:10 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 79BC21C011 for ; Sat, 16 Apr 2011 19:34:10 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id 139171B4058 for ; Sat, 16 Apr 2011 19:34:10 +0000 (UTC) X-Virus-Scanned: by amavisd-new using ClamAV at gentoo.org X-Spam-Score: -0.532 X-Spam-Level: X-Spam-Status: No, score=-0.532 required=5.5 tests=[BAYES_00=-2.599, RCVD_NUMERIC_HELO=2.067] Received: from smtp.gentoo.org ([127.0.0.1]) by localhost (smtp.gentoo.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C6eZKcy0Lbvt for ; Sat, 16 Apr 2011 19:34:03 +0000 (UTC) Received: from lo.gmane.org (lo.gmane.org [80.91.229.12]) by smtp.gentoo.org (Postfix) with ESMTP id BB51D1B404C for ; Sat, 16 Apr 2011 19:34:02 +0000 (UTC) Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from ) id 1QBBFl-0002qO-KS for gentoo-user@gentoo.org; Sat, 16 Apr 2011 21:33:57 +0200 Received: from 77.109.121.141.adsl.dyn.edpnet.net ([77.109.121.141]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 16 Apr 2011 21:33:57 +0200 Received: from gvm999 by 77.109.121.141.adsl.dyn.edpnet.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 16 Apr 2011 21:33:57 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: gentoo-user@lists.gentoo.org From: deadeyes Subject: [gentoo-user] smartcard issues Date: Sat, 16 Apr 2011 19:33:44 +0000 (UTC) Message-ID: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: sea.gmane.org User-Agent: Loom/3.14 (http://gmane.org/) X-Loom-IP: 77.109.121.141 (Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.16) Gecko/20110330 Gentoo Firefox/3.6.16) X-Archives-Salt: X-Archives-Hash: 76f9c0026a56cc41162fcb48090cd064 Hi all, For logging in to servers we now use smartcards. For windows this works fine, however for Linux and Mac OS X it doesn't. The smartcards are from Raaktechnologies. THis is the output of openct-tool atr: Detected CCID Compatible Card present, status changed ATR: 3b f8 13 00 00 81 31 fe So it seems that the card is detected. HOwever when doing: pkcs15-tool -D [pkcs15-tool] reader-pcsc.c:896:pcsc_detect_readers: SCardListReaders failed: 0x8010002e [pkcs15-tool] reader-pcsc.c:1015:pcsc_detect_readers: returning with: No readers found Using reader with a card: CCID Compatible [pkcs15-tool] reader-openct.c:324:openct_reader_transmit: unable to transmit [pkcs15-tool] apdu.c:394:do_single_transmit: unable to transmit APDU [pkcs15-tool] reader-openct.c:324:openct_reader_transmit: unable to transmit [pkcs15-tool] apdu.c:394:do_single_transmit: unable to transmit APDU [pkcs15-tool] card-default.c:66:autodetect_class: APDU transmit failed: Generic reader error [pkcs15-tool] card-default.c:113:default_init: unable to determine the right class byte [pkcs15-tool] card.c:202:sc_connect_card: driver 'Default driver for unknown cards' init() failed: Card is invalid or cannot be handled [pkcs15-tool] card.c:213:sc_connect_card: unable to find driver for inserted card [pkcs15-tool] card.c:228:sc_connect_card: returning with: Card is invalid or cannot be Failed to connect to card: Card is invalid or cannot be handled I think that this tool has no driver for reading this card. They supplied me with a library: libcmP11.so. I tried adding it to opensc.conf and got a message that it was not a valid driver. Using pkcs11-tool: pkcs11-tool -I \ --module /home/gvm/smartcard/raaksign-linux-471-x64/libcmP11.so Cryptoki version 2.11 Manufacturer charismathics gmbh Library cm PKCS#11 module (ver 4.8) No slots. So it seems that this is a pkcs11 library. However I always get no slots and it isn't usable on any rdesktop connection. I have following packages and there use flags: net-misc/rdesktop-1.6.0-r4 alsa ipv6 pcsc-lite rdpusb dev-libs/openct-0.6.20-r1 Upcsc-lite usb dev-libs/opensc-0.11.13-r2 openct pcsc-lite readline ssl zlib sys-apps/pcsc-lite-1.7.2-r1 USE="(-usb)" ldd of the library shows that all dependencies are met. I have to say I have no experience using smartcards and I am not sure how the different tools interact: opensc-tool openct-tool pcscd pkcs11-tool pkcs15-tool,... In the end what should be possible is login to an rdesktop connection. On my previous portable I came somewhere I actually could type in my pin code (on the remote desktop) however after that it failed. Now I can't even got it to work to that stage. The SmartCard reader I have is one that is internally connected through usb: Bus 002 Device 005: ID 0a5c:5801 Broadcom Corp. BCM5880 Secure Applications Processor with fingerprint swipe sensor All help/troubleshooting tips/... are welcome! Thanks in advance!