pam_pkcs11

Daurnimator quae at daurnimator.com
Tue Mar 21 00:11:23 CET 2017


On 20 March 2017 at 23:37, shawn wilson <ag4ve.us at gmail.com> wrote:
> On Mar 20, 2017 08:26, "Eugene Crosser" <crosser at average.org> wrote:
> On 03/20/2017 05:06 AM, shawn wilson wrote:
>
>> As I'm looking to implement smartcard local login, it looks like the
>> pam module doesn't use scdaemon. gpgsm can create my csr (which is
>> awesome), but opensc doesn't work when gpg-agent is running, so I'm
>> thinking that neither will pam.
>
> I wonder if it has something to do with this problem?
>
> https://bugs.gnupg.org/gnupg/issue2053
>
> I use Yubikey for local logins (not via its openpgp function), and I
> have to run patched scdaemon in order to keep the token reachable by the
> processes other than gnupg.
>
> Eugene
>
> That was what I was referring to wrt pkcs11_scd (he made a full scdaemon
> replacement - possibly more stable / better)

This seems like something that could be fixed with my request about
decoupling gpg-agent from scdaemon.
http://gnupg-devel.gnupg.narkive.com/iZ6cvOeG/way-to-use-existing-scdaemon



More information about the Gnupg-devel mailing list