Re: Smart Card - Sun.

["Dejan" <sneaker () freemail org mk>]

> > I mean, will i still need a password? like pgp encrypt password phrase?
>
> You can use passwords *and* the smart card, but the way I have seen
> Sun use them, they treated them like ignition keys in a car.  Stuff it
> in the card reader and hold onto your seat as you are logged in
> without touching the keyboard.
>
> You could probably store some wierd thing on the smart card that was
> encrypted (somehow) and needs a passphrase to decrypt (the data that
> was encrypted would be then used during the authentication).  But this
> sounds like a big pain in the rear.  You would also do this via PAM
> (likely).

I think you can store all kind of data, but the capacity of the smart card
is the limit. Anyways,
I was using them for user authentication. The good thing is that you can
block the smartcard after 3,4..
invalid enters. So this is quite flexible from secu. perspective.

> > What happens if i loose my smartcard?
>
> The guy who finds it can use it like you can.  Root can reset the card
> authentication, if that is what you are angling at.  Its just like
> your car keys.
Probably you get a newone, and the serviceprovider that is responsible for
the smartcards should make
the lost card invalid.


---
deJan