OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: IT3 Stuart Blake Tener, USNR-R (stuartbh90210.net)
Date: Tue May 07 2002 - 19:20:57 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Mr. Phillips:

            I am curios (given your notes below) if we could specifically
    discuss using the IBM smartcard reader/writer (I presume it writes as
    well as reads) with the CAC (Department of Defense) cards. I will be
    getting a CAC card for my use, since I am a Navy Reservist. Will this
    reader/writer work with a CAC card?

            My application is to try to get these readers/writers working
    with CAC cards, since I would (a) be getting one from the Reserves
    anyway which I for sure know will be unique to me only, and (b) I might
    be able create some way of accessing Linux with it that the Navy could
    use in our command or others.

            Another very available and cheap card is the smartcard used in
    Europe for the telephones by France Telecom. I would wonder if these
    usable with Linux and this reader? Even if they cannot be programmed for
    running some type of application on them, perhaps they each have a
    unique identifier in their memory that can be read as an individual key.

    Very Respectfully,

    Stuart Blake Tener, IT3 (E-4), USNR-R, N3GWG
    Beverly Hills, California
    VTU 1904G (Volunteer Training Unit)
    stuartbh90210.net
    west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
    east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

    Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
    free!)

    JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

    Tuesday, May 07, 2002 5:20 PM

    -----Original Message-----
    From: owner-sclinuxdrizzle.com [mailto:owner-sclinuxdrizzle.com] On
    Behalf Of Joe Phillips
    Sent: Tuesday, May 07, 2002 11:35 AM
    To: Linux Smartcard
    Subject: Re: MUSCLE Newbie has questions!

    On Mon, 2002-05-06 at 19:11, IT3 Stuart Blake Tener, USNR-R wrote:

    > Secondly, I just purchased one of the IBM laptop Smartcard
    > Security ISO7816 DTC kits available on eBay. I was told that it is
    > basically an OEM of one of the GEM cards, and they can be used under
    > Linux using CAC cards.

    I have 2 of these kits, also purchased on ebay. The reader is a GPR400
    from Gemplus. I am the maintainer of the PC/SC-lite driver for this
    reader currently. When you are ready, I can help you get the drivers
    installed.

    It sort-of works. That is, it works with some cards (in my experience)
    and doesn't with others. I got the reader to work with a Schlumberger
    Multiflex card but it won't work with my Cyberflex Access 00 Javacard
    8(. I basically reached a road-block with this problem and don't know
    how to proceed. See the MUSCLE list archives for the history.

    I would appreciate help debugging this.

    > Incidentally, the military has not yet issued me my CAC card,
    > but as I understand there is a sample smartcard that comes with the
    IBM
    > unit, no?

    Yes, there is a smartcard that comes with the IBM kit. Without
    documentation, this card will be useless to Linux unfortunately. Has
    anyone got documentation on this card? Has anyone reverse-engineered it
    at all? I know it's a Gemplus card - I assume some sort of javacard.

    > I am running RH 7.2, and have not yet installed any drivers to
    > drive smartcards under Linux.
    >
    > Where do you recommend I start?
    >
    > My goals are:
    >
    > (a) Be able to logon to Windows/XP using the smartcard, and also
    > let people logon without a smartcard in a standard way

    The IBM kit supports MS Windows out of the box. XP, I'm not sure tho.

    > (b) Have RH 7.2 be able to read information from the smartcard
    > while doing a boot up in the "initrd" stage of booting. I wish to have
    > the cards provide a key which would be used in conjunction with
    > "loop-aes" (see this package on sourceforge.net) to decrypt my root
    > partition instead of having the user enter the pass phrase via the
    > keyboard
    >
    > (c) use the smartcard also for logging on to Linux!

    (b) and (c) would depend on documentation on the smartcard you intend to
    use for authentication. Ultimately, you need software to provide the
    necessary services. We need docs in order to write the software.

    good luck,

    -joe 

    -- 
     Innovation Software Group, LLC - http://www.innovationsw.com
               Custom Internet and Computer Solutions
                   Linux, UNIX, Java Training

    ***************************************************************
Unix Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/
To unsubscribe send an email to majordomolinuxnet.com with
unsubscribe sclinux
***************************************************************

    ***************************************************************
Unix Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/
To unsubscribe send an email to majordomolinuxnet.com with
unsubscribe sclinux
***************************************************************