libpam-poldi + OpenPGP_card documentation

Chris McClimans chris at hippiehacker.org
Wed Mar 23 16:16:00 CET 2016


I am trying to use gpg smart cards to locally authenticate logging
into my laptop (running arch).

I'm using several yubikeys, and several smartcards that suppport
OpenPGP_card standard but I've yet to see clearly how to configure it
enough to get any logs created.

My reading so far on poldi 0.4.1(-8 on arch):

I've looked at the info files and readme's distributed with arch:

# pacman -Ql poldi | grep -v /$
poldi /etc/logrotate.d/poldi
poldi /etc/pam.d/system-auth-poldi
poldi /etc/poldi/poldi.conf
poldi /usr/bin/pam-test-poldi
poldi /usr/bin/poldi-ctrl
poldi /usr/lib/security/pam_poldi.so
poldi /usr/share/info/poldi.info.gz
poldi /usr/share/poldi/localdb/keys/README
poldi /usr/share/poldi/localdb/users
poldi /usr/share/poldi/poldi.conf

>From a while back: https://www.schiessle.org/howto/poldi.php

poldi-ctrl --register-card doesn't seem to work any more

>From 2006: http://blogs.fsfe.org/greve/?p=64

Doesn't have enough info for me to replicate for systemd based console logins.

>From 2012: http://walter.silvergeeks.com/rechner/howto/how-to-anmeldung-mit-smart-card-oder-usb-token-am-lokalen-linux-system

Has some info, but it may be that I've lost some details in the google
translation.

pam-test-poldi is shipped with the arch package, and I've tried
looking for poldi.log but it never seems to get created.



More information about the Gnupg-devel mailing list