[Muscle] Login failed with libpam
Amanda Ortega
amandaortega at gmail.com
Wed Apr 16 05:40:22 PDT 2008
Returning to this discussion, I was reading the README of libpam-musclecard
and it explains that I have to create a key pair and export the public key
to a certificate which must be at my home directory. When I try to login, it
creates a nonce which will be encrypted with the private key of my card and
decrypt with the private key of the certificate. I don't know exactly what
must be the private key number. README file says that the number of the
private key must be 3, but at the example in the same file, it creates a key
pair whose private key is number 1. I am a little confused about this. What
must be the private key number finally?
Thanks,
Amanda
2008/1/24, Amanda Ortega <amandaortega at gmail.com>:
>
> Yes, the key is already on the card. I am sending the output with debug.
>
> Amanda
>
> # login
> Welcome to pam_musclecard.so verification Module
> Login Amanda: amanda
> User = amanda
> Please enter pin:
> Random value =
> 29e4d86e5f9f4724542e91769e4e655d29fd7f56a107d477b0e6ba57b58ec2c2d
> fd1ece260d847a4bca149e67dfed3ce2df81256284de06dc6ae7cad7a20f9aa9487d6a7b6337a7a0
> 1ee6eea5e4990005c0d217fc7ebdce8c6009c4786f10bc2f10ec47592666de3a48714d989ac96731
> 34d7516dbed3ceeb7d0b229bd951829
>
> Cipher value =
> ad2793ec98ee9c147ecf99e3fdf6847eda01b35bbab9bfef42a9194d880585a81
> e131b2d5ed6eb4e0a39c81ffbeea12cd472e72296db31aee3c2a5d0c1d58ae64efc6e10fce0ebd66
> ba8c03f2ff83b8985f94a5f11ed4fc2a017a3bf8bebf40c03a515c1495ade367b50f7fad7ae94edd
> f452bd43ac816b18902fa8e44d1219a
>
>
> Login incorrect
>
> Login incorrect
>
> Login incorrect
>
> Login incorrect
> Login Amanda:
>
> 2008/1/24, Karsten Ohme <widerstand at t-online.de >:
> >
> > Amanda Ortega schrieb:
> > > Hello!!
> > >
> > > I am trying to use libpam to login with smart card. I configured the
> > > file /etc/musclepam/pam-muscle.conf to the module search the
> > certificate
> > > at ~/muscle/user.cert. Then, I generated the certificate and put it
> > > there. Last, I added the following line at the file /etc/pam.d/login:
> >
> > That means the key is also already on the card? I think the muscle pam
> > module has also a debug switch (DEBUG=ON) in pam-muscle.conf. Maybe the
> > problem shows.
> >
> > Karsten
> > >
> > > auth requisite /lib/security/pam- musclecard.so nullok reader=0
> > >
> > > Then, when I try to login typing an incorrect PIN, it shows the
> > message
> > >
> > > Invalid PIN Entered
> > >
> > > but, when I type the correct PIN, this message isn't showed. Although,
> >
> > > in both cases a message
> > >
> > > Login incorrect
> > >
> > > is showed. I think it is verifying correctly the PIN, but I don't know
> > > why it doesn't login.
> > >
> > > The result of the command
> > >
> > > pcscd -a -d -f
> > >
> > > follows at the end of the e-mail.
> > >
> > > What is happening?
> > >
> > > Thanks in advance,
> > > Amanda
> > >
> > > # pcscd -a -d -f
> > > pcscdaemon.c:259:main() pcscd set to foreground with debug send to
> > stderr
> > > pcscdaemon.c:464:main() pcsc-lite 1.3.2 daemon ready.
> > > hotplug_libusb.c:407:HPAddHotPluggable() Adding USB device: 001:003
> > > readerfactory.c :1093:RFInitializeReader() Attempting startup of
> > Gemplus
> > > GemPC Twin 00 00 using
> > > /usr/lib/pcsc/drivers/ifd-ccid.bundle/Contents/Linux/libccid.so.1.1.0
> > > readerfactory.c:964:RFBindFunctions() Loading IFD Handler 3.0
> > > ifdhandler.c :1182:init_driver() LogLevel: 0x0003
> > > ifdhandler.c:1192:init_driver() DriverOptions: 0x0000
> > > ifdhandler.c:77:IFDHCreateChannelByName() lun: 0, device:
> > > usb:08e6/3437:libusb:001:003
> > > ccid_usb.c:231:OpenUSBByName() Manufacturer: Ludovic Rousseau (
> > > ludovic.rousseau at free.fr <mailto:ludovic.rousseau at free.fr>)
> > > ccid_usb.c:241:OpenUSBByName() ProductString: Generic CCID driver
> > v1.1.0
> > > ccid_usb.c:247:OpenUSBByName() Copyright: This driver is protected by
> > > terms of the GNU Lesser General Public License version 2.1, or (at
> > your
> > > option) any later version.
> > > ccid_usb.c:395:OpenUSBByName() Found Vendor/Product: 08E6/3437
> > (Gemplus
> > > GemPC Twin)
> > > ccid_usb.c:397:OpenUSBByName() Using USB bus/device: 001/003
> > > ccid_usb.c:800:get_data_rates() declared: 10753 bps
> > > ccid_usb.c:800:get_data_rates() declared: 14337 bps
> > > ccid_usb.c:800:get_data_rates() declared: 15625 bps
> > > ccid_usb.c:800:get_data_rates() declared: 17204 bps
> > > ccid_usb.c:800:get_data_rates() declared: 20833 bps
> > > ccid_usb.c:800:get_data_rates() declared: 21505 bps
> > > ccid_usb.c:800:get_data_rates() declared: 23438 bps
> > > ccid_usb.c:800:get_data_rates() declared: 25806 bps
> > > ccid_usb.c:800:get_data_rates() declared: 28674 bps
> > > ccid_usb.c:800:get_data_rates() declared: 31250 bps
> > > ccid_usb.c:800:get_data_rates() declared: 32258 bps
> > > ccid_usb.c:800:get_data_rates() declared: 34409 bps
> > > ccid_usb.c:800:get_data_rates() declared: 39063 bps
> > > ccid_usb.c:800:get_data_rates() declared: 41667 bps
> > > ccid_usb.c:800:get_data_rates() declared: 43011 bps
> > > ccid_usb.c:800:get_data_rates() declared: 46875 bps
> > > ccid_usb.c:800:get_data_rates() declared: 52083 bps
> > > ccid_usb.c:800:get_data_rates() declared: 53763 bps
> > > ccid_usb.c:800:get_data_rates() declared: 57348 bps
> > > ccid_usb.c:800:get_data_rates() declared: 62500 bps
> > > ccid_usb.c:800:get_data_rates() declared: 64516 bps
> > > ccid_usb.c:800:get_data_rates() declared: 68817 bps
> > > ccid_usb.c:800:get_data_rates() declared: 71685 bps
> > > ccid_usb.c:800:get_data_rates() declared: 78125 bps
> > > ccid_usb.c:800:get_data_rates() declared: 83333 bps
> > > ccid_usb.c:800:get_data_rates() declared: 86022 bps
> > > ccid_usb.c:800:get_data_rates() declared: 93750 bps
> > > ccid_usb.c:800:get_data_rates() declared: 104167 bps
> > > ccid_usb.c:800:get_data_rates() declared: 107527 bps
> > > ccid_usb.c:800:get_data_rates() declared: 114695 bps
> > > ccid_usb.c:800:get_data_rates() declared: 125000 bps
> > > ccid_usb.c:800:get_data_rates() declared: 129032 bps
> > > ccid_usb.c:800:get_data_rates() declared: 143369 bps
> > > ccid_usb.c:800:get_data_rates() declared: 156250 bps
> > > ccid_usb.c:800:get_data_rates() declared: 166667 bps
> > > ccid_usb.c:800:get_data_rates() declared: 172043 bps
> > > ccid_usb.c:800:get_data_rates() declared: 215054 bps
> > > ccid_usb.c:800:get_data_rates() declared: 229391 bps
> > > ccid_usb.c:800:get_data_rates() declared: 250000 bps
> > > ccid_usb.c:800:get_data_rates() declared: 344086 bps
> > > ifdhandler.c:271:IFDHGetCapabilities() lun: 0, tag: 0xFAE
> > > ifdhandler.c:313:IFDHGetCapabilities() Reader supports 1 slots
> > > ifdhandler.c:806:IFDHPowerICC() lun: 0
> > > Card ATR: 3B 7A 94 00 00 80 65 A2 01 01 01 3D 72 D6 43
> > > winscard_msg_srv.c:203:SHMProcessEventsServer() Common channel packet
> > > arrival
> > > winscard_msg_srv.c:212:SHMProcessEventsServer()
> > > SHMProcessCommonChannelRequest detects: 7
> > > pcscdaemon.c:151:SVCServiceRunLoop() A new context thread creation is
> > > requested: 7
> > > winscard_svc.c:132:ContextThread() Thread is started: 7
> > > winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
> > > client: 7
> > > winscard_svc.c:179:ContextThread() Client is protocol version 2:1
> > > winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
> > > client: 7
> > > winscard.c:159:SCardEstablishContext() Establishing Context: 16992230
> > > winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
> > > client: 7
> > > winscard.c:213:SCardConnect() Attempting Connect to Gemplus GemPC Twin
> > > 00 00 using protocol: 3
> > > prothandler.c :130:PHSetProtocol() Attempting PTS to T=0
> > > ifdhandler.c:396:IFDHSetProtocolParameters() lun: 0, protocol T=0
> > > ifdhandler.c:1272:extra_egt() Extra EGT patch applied
> > > towitoko/atr.c:351:ATR_GetDefaultProtocol() no default protocol found
> > in
> > > ATR. Using T=0
> > > winscard.c:323:SCardConnect() Active Protocol: T=0
> > > winscard.c:333:SCardConnect() hCard Identity: 1240b
> > > winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
> > > client: 7
> > > winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
> > > client: 7
> > > winscard.c:1454:SCardTransmit() Send Protocol: T=0
> > > APDU: 00 A4 04 00 06 A0 00 00 00 01 01
> > > ifdhandler.c:913:IFDHTransmitToICC() lun: 0
> > > SW: 90 00
> > > winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
> > > client: 7
> > > winscard.c:1454:SCardTransmit() Send Protocol: T=0
> > > APDU: B0 42 01 00 08 4D 75 73 63 6C 65 30 31
> > > ifdhandler.c:913:IFDHTransmitToICC() lun: 0
> > > SW: 90 00
> > > winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
> > > client: 7
> > > winscard.c:1454:SCardTransmit() Send Protocol: T=0
> > > APDU: B0 36 01 01 05 00 03 01 00 00
> > > ifdhandler.c:913:IFDHTransmitToICC() lun: 0
> > > SW: 90 00
> > > winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
> > > client: 7
> > > winscard.c :1454:SCardTransmit() Send Protocol: T=0
> > > APDU: B0 36 01 03 83 01 00 80 3D CB 33 52 EF 77 7F DB 7F B2 4F A0 2E
> > 14
> > > 8D 52 C9 2D 46 DE 25 DB 54 DA 8E CB D3 66 0F DB C1 97 BE 6F 30 25 B2
> > CD
> > > C9 B7 75 E7 EC FB 8D E4 4C D3 D3 C8 05 09 A3 3A 99 C6 61 0A 11 0C 9E
> > 9C
> > > 8D EF 68 AB 34 A6 54 A9 ED 7A E8 5A 1A E0 EB E2 40 F5 57 FD FC 9E 1F
> > C5
> > > A6 60 C0 55 D6 AF 85 34 A1 39 47 55 6E F7 F6 1F 42 83 B8 D5 EB 2E BA
> > C8
> > > 61 E8 CB 3E C4 C2 2D C3 CC B2 56 C2 2D 43 DB 46 11 D7
> > > ifdhandler.c:913:IFDHTransmitToICC() lun: 0
> > > SW: 61 82
> > > winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
> > > client: 7
> > > winscard.c:1454:SCardTransmit() Send Protocol: T=0
> > > APDU: 00 C0 00 00 82
> > > ifdhandler.c:913:IFDHTransmitToICC() lun: 0
> > > SW: 00 80 46 54 DB BE 7E 6D E0 2E 77 93 8A 7E 58 8F 91 82 F3 19 75 3B
> > F7
> > > 50 F8 06 77 38 82 4C 22 DE 72 B4 A4 84 7F D2 69 1A 09 16 6F 6C 69 51
> > B5
> > > C8 47 B4 B6 F2 A2 32 F2 E9 FE 68 B7 20 D2 17 E1 9F 41 DA 48 89 4C 83
> > 77
> > > E7 84 DE A1 6F 59 B5 B3 4B 5C 11 B9 AD 49 CA 63 F2 A9 48 98 7F D5 FC
> > 97
> > > 3A D1 0C 9D BB FD CA 37 15 ED AE 67 47 A9 39 DA 86 7F 10 BE 87 38 D1
> > 58
> > > FA D9 4B C9 DE 3A 5A B7 9A E2 0E 90 00
> > > winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
> > > client: 7
> > > winscard.c:710:SCardDisconnect() Active Contexts: 1
> > > ifdhandler.c :806:IFDHPowerICC() lun: 0
> > > winscard.c:769:SCardDisconnect() Reset complete.
> > > winscard_msg_srv.c:274:SHMProcessEventsContext() correctly processed
> > > client: 7
> > > winscard.c:170:SCardReleaseContext() Releasing Context: 16992230
> > > winscard_msg_srv.c:262:SHMProcessEventsContext() Client has
> > disappeared: 7
> > > winscard_svc.c:145:ContextThread() Client die: 7
> > > pcscdaemon.c:529:signal_trap() Preparing for suicide
> > > hotplug_libusb.c:361:HPEstablishUSBNotifications() Hotplug stopped
> > > readerfactory.c:1348:RFCleanupReaders() entering cleaning function
> > > readerfactory.c:1357:RFCleanupReaders() Stopping reader: Gemplus GemPC
> > > Twin 00 00
> > > eventhandler.c:121:EHDestroyEventHandler() Stomping thread.
> > > eventhandler.c:150:EHDestroyEventHandler() Thread stomped.
> > > readerfactory.c :1140:RFUnInitializeReader() Attempting shutdown of
> > > Gemplus GemPC Twin 00 00.
> > > ifdhandler.c:222:IFDHCloseChannel() lun: 0
> > > readerfactory.c:1009:RFUnloadReader() Unloading reader driver.
> > > pcscdaemon.c:489:at_exit() cleaning /var/run
> > >
> > >
> > >
> > ------------------------------------------------------------------------
> > >
> > > _______________________________________________
> > > Muscle mailing list
> > > Muscle at lists.musclecard.com
> > > http://lists.drizzle.com/mailman/listinfo/muscle
> >
> > _______________________________________________
> > Muscle mailing list
> > Muscle at lists.musclecard.com
> > http://lists.drizzle.com/mailman/listinfo/muscle
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drizzle.com/pipermail/muscle/attachments/20080416/461df138/attachment.html
More information about the Muscle
mailing list