Hi,
Nope, nothing helps same error.
I have checked the behaviour on two different computer
with two different cardreaders.
Any suggestions ???
BTW, do you have a link where pam-muscle-conf is documented
I would like to check the LDAP stuff if it works.
Maybe this works better ?!
Ciao
Matthias
Karsten Ohme schrieb:
>Matthias Barmeier wrote:
>
>
>>Karsten Ohme schrieb:
>>
>>
>>
>>>Matthias Barmeier wrote:
>>>
>>>
>>>
>>>
>>>>Hi,
>>>>
>>>>unfortunately login fails :( gdm says that he cannot read .muscle/user.cert.
>>>>For now I cannot explain what wents wrong because the user.cert is readable
>>>>for all.
>>>>
>>>>
>>>Look in your /etc/musclepam/... or how it is called. Maybe the cert path
>>>is not correct. It should look in ${HOME}/.muscle/user.cert.
>>>
>>>
>>I checked it with login, but the same problem occurrs. This is my
>>/etc/musclepam/pam-muscle.conf
>>
>>Debug = ON # Debug ON or OFF
>>CertNumber = 0 # Certificate number to use
>>
>>
>
>The above was your previous problem! The certNumber specifies the key to
>use and this is 0! So the keys 1 and 2 never worked. This is mentioned
>in the README, but not clearly enough.
>
>
>
>>PinNumber = 1 # Pin number to verify
>>UserPath = /home/ # Path to user home directory
>>
>>
>
>Try to comment the UserPath out. Maybe this helps.
>
>
>
>>CertName = user.cert # User Certificate in DER format
>>RootCACert = /etc/musclepam/root.cert # Root CA certificate
>>LDAPHost = unsupported # Web-server with LDAP
>>LDAPPath = unsupported # Search path in LDAP
>>AuthMode = UserCert # RootCert or UserCert - see README
>>
>>
>
>Karsten
>
>
>
>>-----
>>My auth log says this:
>>
>>Nov 27 15:25:18 endavor login[5314]: cannot read certificate from
>>/home/barmeier/.muscle/user.cert
>>------
>>
>>But:
>>[EMAIL PROTECTED]:/home$ more /home/barmeier/.muscle/user.cert
>>-----BEGIN PUBLIC KEY-----
>>MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9zeF3Fe1j+bZci9H0xbGvX/U7
>>61hC/jqvmHxcB8CVzEx6ajlErq5d78/j92YPKMU/mjVcogQ+IjvDhHOociaOwfaY
>>UmdUSZ9VgVa5MTl+N6s9Frr9p1Q0pPXLTNm13rPU2LJaInHp6eAy7rs1VVawA0pr
>>MmaBZxz+OrChmMi3bQIDAQAB
>>-----END PUBLIC KEY-----
>>
>>
>>And same as root:
>>endavor:/home# more /home/barmeier/.muscle/user.cert
>>-----BEGIN PUBLIC KEY-----
>>MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9zeF3Fe1j+bZci9H0xbGvX/U7
>>61hC/jqvmHxcB8CVzEx6ajlErq5d78/j92YPKMU/mjVcogQ+IjvDhHOociaOwfaY
>>UmdUSZ9VgVa5MTl+N6s9Frr9p1Q0pPXLTNm13rPU2LJaInHp6eAy7rs1VVawA0pr
>>MmaBZxz+OrChmMi3bQIDAQAB
>>-----END PUBLIC KEY-----
>>
>>The login fails everytime.
>>This my console output when logging in:
>>endavor login: barmeier
>>Welcome
>>Please enter pin:
>>pin = 00000000
>>
>>Random value =
>>2cbf473d171bd55ea2aee9a96b0588dba7275d40b7fb724f297a707c103396029d4c7f6918dc5e22f41491d61273783d8cbed2d0a5b65a7503a54226ba88b9df1e88c373fbe065243ac8dd002f2b5314e88bd839560666791f0ba85b2d5d04e2f294a454913e2e587065ba2cf733c298b38712622a83deba68c17ceabb7d042d
>>
>>Cipher value =
>>20b637c2f27840d3b7c97a408178ef509e4cfec769ce50e7121396f3aae57ed2addd908e6d92a478d799e8b5e17182152bb437d59b62bc48f8d2c8bb761496ef7f9b226c97975764d7de0b855c6d68944b3062b9fc28320823d7c5ca76761241d3169b499ed818f1d854bfea7c5301ef194b4d5180666f7d88eb2f6e5c2f8cfb
>>
>>Password:
>>
>>
>>Has my b2fs failed ??
>>What can I do ??
>>
>>Ciao
>> Matze
>>
>>
>>
>>
>>
>>>And enable DEBUG in this file. gdm is not a suitable way to log in and
>>>to find the error. You must do it at the console, so you can see the
>>>debug infos.
>>>
>>>Karsten
>>>
>>>
>>>
>>>
>>_______________________________________________
>>Muscle mailing list
>>Muscle@lists.musclecard.com
>>http://lists.drizzle.com/mailman/listinfo/muscle
>>
>>
>
>_______________________________________________
>Muscle mailing list
>Muscle@lists.musclecard.com
>http://lists.drizzle.com/mailman/listinfo/muscle
>
>
>
>
_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
