Gnome includes an advanced password and key manager called Gnome-keyring, which acts as a replacement for ssh-agent.
To use smartcards without problems, you will need at least Gnome 2.6.30 and Gnome-keyring-daemon 2.6.30. Our tests show that the Gnome 2.6.28 keyring-manager is not able to load keys from PKCS#11 smartcards.
After starting Gnome 2.6.30, run gconf-editor to enable the PKCS#11 and SSH agent components:
Type gconf-editor and open /apps/gnome-keyring/daemon-components

Make sure that pkcs11 and ssh are enabled.
In our tests, we found that Gnome 2.6.30 needed some additional information on startup.
Exit gconf-editor and return to the desktop.
In the main menu bar, select System->Preferences->Startup Applications.
The Startup Applications Preferences dialog is displayed:

Although Gnome-Keyring-Daemon is already running on startup, you need to tell the daemon to load the PKCS#11 and SSH components.
Find the Certificate and Key storage icon. Make sure it is enabled:

If you click on Edit, the command should be:
Find the Gnome SSH agent icon. Make sure it is enabled:

If you click on Edit, the command should be:
Now load your public SSH keys from your smartcard:
When prompted, enter the PIN code:
Card added: /usr/lib/opensc-pkcs11.so
You can now list public keys loaded by Gnome-Keyring and ssh-agent:
ssh-rsa AAAAB3NzaC1yc2EAAAADA*********R9EQ7MeKHsfot4xotz6YqE/RPve+1dAvTl /usr/lib/opensc-pkcs11.so
You can now use your smartcard in Gnome.
We did not test sftp attachment in Nautilus 2.6.30, but it should work smoothly with RSA keys on a smartcard.
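To confirm that the key the agent offers is really the smartcard-backed one and not a key file on disk, the following added example (not part of the original page) classifies `ssh-add -L` output by its comment field, which is the PKCS#11 module path in the listing shown above. The function names, the sample listing, and the rule that a Gnome-keyring socket path contains "keyring" are assumptions made for this example.

```shell
#!/bin/sh
# Added example: check which identities the running agent holds.
# Path of the PKCS#11 module as shown on this page; override if yours differs.
PKCS11_MODULE="${PKCS11_MODULE:-/usr/lib/opensc-pkcs11.so}"

# Count keys whose comment is the PKCS#11 module path (smartcard-backed).
# Reads `ssh-add -L` output on stdin; non-key lines such as
# "The agent has no identities." are ignored.
count_card_keys() {
    awk -v mod="$PKCS11_MODULE" \
        '$1 ~ /^(ssh-|ecdsa-)/ && $NF == mod { n++ } END { print n + 0 }'
}

# Print type and comment of every key NOT backed by the module, i.e. keys
# the agent loaded from files on disk.
list_non_card_keys() {
    awk -v mod="$PKCS11_MODULE" '$1 ~ /^(ssh-|ecdsa-)/ && $NF != mod {
        c = (NF >= 3) ? $3 : "(no comment)"
        for (i = 4; i <= NF; i++) c = c " " $i
        print $1, c
    }'
}

# Succeed when the agent socket looks like gnome-keyring's.
# Assumption: the socket path contains "keyring".
agent_is_keyring() {
    case "${1:-${SSH_AUTH_SOCK:-}}" in
        *keyring*) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample of `ssh-add -L` output (key blobs are fake and truncated).
sample_listing() {
    cat <<'EOF'
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCconstructed1 /usr/lib/opensc-pkcs11.so
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCconstructed2 user@host
EOF
}

# Real use: ssh-add -L | count_card_keys ; ssh-add -L | list_non_card_keys
echo "card-backed keys in sample: $(sample_listing | count_card_keys)"
echo "file-backed keys in sample: $(sample_listing | list_non_card_keys)"
```

A count of zero card-backed keys, or any entry from `list_non_card_keys`, means SSH logins may be using a private key stored on disk instead of the smartcard.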




