Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Muscle] Networking Smart Cards
From: Simon Richter (Simon.Richterin.tum.de)
Date: Wed Apr 20 2005 - 03:54:50 CDT
Peter Åstrand schrieb:
> I'm trying to find a solution for "networking" smart cards. The context
> is thin clients, say LTSP (www.ltsp.org). Smart card readers connected
> to the client should be usable from the terminal server. I know that
> protocols such as RDP supports smart card redirection, but I'd like to
> have a standalone solution, running over a simple TCP connection.
I have something in the works for that: I plan to write a generic
resource forwarding framework which would ultimately also be able to
forward smartcards (which need special handling for local PIN entry).
I'm going to use X11's ICE as a transport protocol in the beginning, as
I don't need to care about authentication then -- simply start the
program that exports the reader as root, have it open the reader and
drop privileges, then open a window and announce "If you need a smart
card reader, talk to the owner of this window" in the window properties.
This way, I only need to care about trusted vs. untrusted X11 clients
(which is trivial) instead of finding out who is connected to the local
terminal etc., and I get ssh forwarding for free.
The project is not very far yet. I am basically experimenting with ICE,
as I have never used it before. I expect to have some proof-of-concept
forwarding code for some simple device in about two weeks.
Muscle mailing list
- application/pgp-signature attachment: OpenPGP digital signature