[Pcsclite-muscle] Best way to remotely use smart card?
Douglas E Engert
deengert at gmail.com
Mon Nov 13 05:51:32 PST 2023
Many systems and policies of card issuers and employers say a smart card is issued to a user and can only be used by
the user while at the console of the workstation. The OS may enforce this.
The other question is which remote users should also have access this smart card attached to the server.
As other have pointed out polkit might be the answer.
Another approach which may not by available or is not what you want, is to use some Remote Desktop application
so the user has the card with them, but server can access it for login and/or after login. Windows RDC can do this.
On 11/12/2023 11:04 PM, D Ducky wrote:
> Is that what it is?
>
> If I go to the remote machine physically, and log in, I can use the smart card.
>
> If I am on my client machine and use remmina with ssh+vnc, it does not see a smart card on the web browsers.
>
> That's the issue.
>
> On 11/12/23 21:50, David Woodhouse wrote:
>> On 12 November 2023 22:25:02 GMT-05:00, D Ducky <suffsuccotash at gmail.com> wrote:
>>> https://p11-glue.github.io/p11-glue/p11-kit/manual/remoting.html
>>>
>>> Ok, the difference here is the remote server is where the card is. The local machine is sshing/vncing into the remote server, where the smart card is present in the reader.
>> Oh, you want software on the "remote" machine to be able to use the device which is physically attached to that same machine, but your user just lacks the permissions to use the card reader when
>> you aren't logged in on the physical console?
>>
>> That would just be a permissions problem.
>
> _______________________________________________
> pcsclite-muscle mailing list
> pcsclite-muscle at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/pcsclite-muscle
--
Douglas E. Engert <DEEngert at gmail.com>
More information about the pcsclite-muscle
mailing list