Hi, Nope, nothing helps same error.
I have checked the behaviour on two different computer with two different cardreaders. Any suggestions ??? BTW, do you have a link where pam-muscle-conf is documented I would like to check the LDAP stuff if it works. Maybe this works better ?! Ciao Matthias Karsten Ohme schrieb: >Matthias Barmeier wrote: > > >>Karsten Ohme schrieb: >> >> >> >>>Matthias Barmeier wrote: >>> >>> >>> >>> >>>>Hi, >>>> >>>>unfortunately login fails :( gdm says that he cannot read .muscle/user.cert. >>>>For now I cannot explain what wents wrong because the user.cert is readable >>>>for all. >>>> >>>> >>>Look in your /etc/musclepam/... or how it is called. Maybe the cert path >>>is not correct. It should look in ${HOME}/.muscle/user.cert. >>> >>> >>I checked it with login, but the same problem occurrs. This is my >>/etc/musclepam/pam-muscle.conf >> >>Debug = ON # Debug ON or OFF >>CertNumber = 0 # Certificate number to use >> >> > >The above was your previous problem! The certNumber specifies the key to >use and this is 0! So the keys 1 and 2 never worked. This is mentioned >in the README, but not clearly enough. > > > >>PinNumber = 1 # Pin number to verify >>UserPath = /home/ # Path to user home directory >> >> > >Try to comment the UserPath out. Maybe this helps. > > > >>CertName = user.cert # User Certificate in DER format >>RootCACert = /etc/musclepam/root.cert # Root CA certificate >>LDAPHost = unsupported # Web-server with LDAP >>LDAPPath = unsupported # Search path in LDAP >>AuthMode = UserCert # RootCert or UserCert - see README >> >> > >Karsten > > > >>----- >>My auth log says this: >> >>Nov 27 15:25:18 endavor login[5314]: cannot read certificate from >>/home/barmeier/.muscle/user.cert >>------ >> >>But: >>[EMAIL PROTECTED]:/home$ more /home/barmeier/.muscle/user.cert >>-----BEGIN PUBLIC KEY----- >>MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9zeF3Fe1j+bZci9H0xbGvX/U7 >>61hC/jqvmHxcB8CVzEx6ajlErq5d78/j92YPKMU/mjVcogQ+IjvDhHOociaOwfaY >>UmdUSZ9VgVa5MTl+N6s9Frr9p1Q0pPXLTNm13rPU2LJaInHp6eAy7rs1VVawA0pr >>MmaBZxz+OrChmMi3bQIDAQAB >>-----END PUBLIC KEY----- >> >> >>And same as root: >>endavor:/home# more /home/barmeier/.muscle/user.cert >>-----BEGIN PUBLIC KEY----- >>MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9zeF3Fe1j+bZci9H0xbGvX/U7 >>61hC/jqvmHxcB8CVzEx6ajlErq5d78/j92YPKMU/mjVcogQ+IjvDhHOociaOwfaY >>UmdUSZ9VgVa5MTl+N6s9Frr9p1Q0pPXLTNm13rPU2LJaInHp6eAy7rs1VVawA0pr >>MmaBZxz+OrChmMi3bQIDAQAB >>-----END PUBLIC KEY----- >> >>The login fails everytime. >>This my console output when logging in: >>endavor login: barmeier >>Welcome >>Please enter pin: >>pin = 00000000 >> >>Random value = >>2cbf473d171bd55ea2aee9a96b0588dba7275d40b7fb724f297a707c103396029d4c7f6918dc5e22f41491d61273783d8cbed2d0a5b65a7503a54226ba88b9df1e88c373fbe065243ac8dd002f2b5314e88bd839560666791f0ba85b2d5d04e2f294a454913e2e587065ba2cf733c298b38712622a83deba68c17ceabb7d042d >> >>Cipher value = >>20b637c2f27840d3b7c97a408178ef509e4cfec769ce50e7121396f3aae57ed2addd908e6d92a478d799e8b5e17182152bb437d59b62bc48f8d2c8bb761496ef7f9b226c97975764d7de0b855c6d68944b3062b9fc28320823d7c5ca76761241d3169b499ed818f1d854bfea7c5301ef194b4d5180666f7d88eb2f6e5c2f8cfb >> >>Password: >> >> >>Has my b2fs failed ?? >>What can I do ?? >> >>Ciao >> Matze >> >> >> >> >> >>>And enable DEBUG in this file. gdm is not a suitable way to log in and >>>to find the error. You must do it at the console, so you can see the >>>debug infos. >>> >>>Karsten >>> >>> >>> >>> >>_______________________________________________ >>Muscle mailing list >>Muscle@lists.musclecard.com >>http://lists.drizzle.com/mailman/listinfo/muscle >> >> > >_______________________________________________ >Muscle mailing list >Muscle@lists.musclecard.com >http://lists.drizzle.com/mailman/listinfo/muscle > > > > _______________________________________________ Muscle mailing list Muscle@lists.musclecard.com http://lists.drizzle.com/mailman/listinfo/muscle