On Mon, 8 Dec 2014 08:13:25 +0000, "lux-integ" lux-integ@btconnect.com wrote:
Greetings,
I have been searching webpages for guidance on using a smartcard (also known as an HSM) for storing passwords for an LDAP database on a Linux system.
This would include, for instance, how the userPassword (attribute) would be specified - i.e. how to specify the userPassword to read the PIN/SO-PIN/PUK{whatever} of the HSM/smart-card etc. etc.?
Any guidance would be much appreciated.
RFC-4513 describes LDAP Authentication Methods. I don't know much about HSM/smartcards, but if the provided key is an X.509 certificate, then it would be simple. RFC-4422 describes SASL; if your smartcard provider is complying with this RFC, then it could be realised.
-Dieter