Login auf Linux möglich?


#1

Hallo,

ist es möglich sich mit dem Stick auf Linux anzumelden? Die Methoden in der Doku scheinen ja nicht mehr zu funktionieren.


#2

Hi!

What Linux distribution do you use?


#3

Hi! I have the same question for Kubuntu 17.04. Can I use the stick to secure the user login?


#4

Hello,

did you already try this documentation? https://www.nitrokey.com/documentation/applications#os:linux&a:computer-login

It works like a charme. Although it seems a bit tricky first.

So here is what you need:

  • You already generated and inserted keys to the stick.
  • Install the packages (apt-get update && apt-get install gnupg libpam-poldi libccid).
  • Add the serial of your key and your username to the file /etc/poldi/localdb/users
  • Add the public key to /etc/poldi/localdb/keys/<your serial>
  • Tell Pam to use poldi for login. You must probably look at someting like /etc/pam.d/kdm-* as you use Kubuntu.

This is just a short overview. Please look at the detailed instructions mentioned above. Please just tell me, if you stuck anywhere.

Kind regards
Alex


#5

Hi @nitroalex

Do you know the command to get the public key instead of poldi-ctrl?
What the format of the file /etc/poldi/localdb/keys/, to create it without poldi-ctrl?

Thank you


#6

Hi humboldtux,

luckily yes :wink: I will change the instructions on the website as well.

As Debian maintainers decided to not include poldi-ctrl anymore, you can use gpg-connect-agent instead.

sudo sh -c 'gpg-connect-agent "/datafile /etc/poldi/localdb/keys/D00600012401020000000000xxxxxxxx" "SCD READKEY --advanced OPENPGP.3" /bye'

This should do the job. Please remember to change the ‘xxxxxxx’ above with your card information. It is may needed to disconnect and connect the stick again at first.

Kind regards
Alex


#7

Perfect thank you, it is working under Debian 9.


#8

Great! Thanks for your feedback!