PAM with Credit Cards
Craig White
craigwhite at azapple.com
Sun Feb 27 13:45:20 UTC 2005
On Sun, 2005-02-27 at 07:37 -0600, Brian Fahrlander wrote:
> I'm looking into something...maybe some long-term plans. Let's say I
> handed out a bunch of magnetic cards for students to use, each with a
> name on it an/or PIN, and wanted them to walk up to a PC with a reader
> and use that card (probably authorized by LDAP somehow) to 'be' their
> login/password.
>
> How tough would it be to write that kinda PAM module? Has anyone
> here done it?
-----
probably the idea is using ssl certificates
generating certificates on a per user basis
having certificate revocation lists
making sure that the various applications check the certificate
revocation list
ldap can use certificates
methodology could probably implement any number of things, magnetic
ID's, USB thumb drives, floppy disks or anything could conceivably store
the certificate.
Craig
More information about the fedora-list
mailing list