[CentOS] Re: About strongs passwords! -- PAM

Fri May 13 16:15:12 UTC 2005
Bryan J. Smith <b.j.smith@ieee.org> <thebs413 at earthlink.net>

From: Paul Heinlein <heinlein at madboa.com>
> Can you comment on any of the smart-card hardware that you've used?

Actually, given the occupation I just switched back to last month, I'd
better not right now (I'm still "testing the waters" on what disclosure
is allowable).  I've used them in 2 industries -- defense and financial --
but there's no reason why many others can't.

The priniciples to SmartCards are pretty simple.
You send in a public key encrypted information
(typically a symmetric key or maybe a challenge string),
you get the information out.
Then you can use that information as appropriate.

The SmartCard is used only for 1 small operation on the _client_ for the user.
(although you can also use them on the server too, for the services).
And via PAM, you can route all sorts of authentication through it.

I'll send you some links when I have time early next week
(I'm on the road / in the air all weekend starting in a few minutes).
There are a lot of more "consumer" SmartCard capabilities out there,
nothing of which I've used personally.


--
Bryan J. Smith   mailto:b.j.smith at ieee.org