Browsing the blog archives for December, 2008.

Seamless Smartcard login with pam_pkcs11, and pam_krb5 against an Active Directory Domain using Red Hat Enterprise Linux 5 (Part 3)

LDAP, pki

In part 1 I discussed how to configure NSS and OpenSSL. In part 2, I discussed how to configure pam_pkcs11 and how to test a smartcard against the NSS database we set up. In this part, I’ll discuss how to add pam_krb5 into the mix to automatically get a Kerberos ticket from an Active Directory domain using PKINIT.

Note that this post discusses a package that has yet to be officially released by Red Hat. When it is officially released, it may have different configuration options or different functionality. I’ll update this post at that time.

Using NSS with OpenSSH for Smart Card Login

pki

At some point in time, Red Hat snuck in experimental support for NSS in OpenSSH. What does that give us? Smart Card support! This article will describe how to use it.

In another blog post, I mentioned how to configure NSS and OpenSSL; you should take a look at that if you are unfamiliar with the process, because I assume that is prerequisite knowledge. I will also assume you have a basic understanding of how public key authentication in SSH works.

Here are the steps to the process:

  1. Copy the NSS databases to .ssh