[CentOS] A naive question respecting x.509 logins

m.roth at 5-cent.us m.roth at 5-cent.us
Wed Apr 16 21:00:12 UTC 2014


James B. Byrne wrote:
> I have been looking at replacing our current login systems with a single
> login solution.  In the process I managed to get sidetracked into
investigating
> pam_pkcs11.  My question, which no doubt reveals the depth of my
> ignorance, is: Can a simple USB flash memory stick be configured to work
with this or
> some similar module of which I as yet know nothing?
>
> Everything I have managed to find about this method of loging on to CentOS
> implies that either a special smart-card and dedicated reader or a
> purpose-built usb smart-token is required.  Is this in fact so?  Is there
> no way to just use a standard usb flash memory 'key' to achieve the same
> effect?

Not sure. All I know is from our usages, and as this is a US government
facility, we have our PIV-II cards... and use pcscd which uses pkcs11.

        mark




More information about the CentOS mailing list