[SmartcardServices-Users] [Fed-Talk] Re: Require smart card login
Henry B. Hotz
hotz at jpl.nasa.gov
Wed Jan 19 11:26:56 PST 2011
Is there a similar command which can be used to substitute a cert for the Master Password?
Seems silly to protect a single user that way if you can still use a plain old password as a go-around.
On Oct 13, 2010, at 1:37 PM, Shawn A. Geddis wrote:
> Your most appropriate protection of the User's Login Keychain is to protect it with the Smart Card and not the PIN.
>
> How do you do that ?
>
> $ sudo systemkeychain -T /Volumes/<user>/Library/keychains/login.keychain
>
>
> I notice this does not appear in the man page for systemkeychain (ie. 'man systemkeychain'), but it does appear in the 'usage' for systemkeychain ('$ systemkeychain') -- so many of you may never have known this. It has been around for quite sometime and I know I have conveyed it in many different forums, but there are many new people on these lists who may benefit from this.
>
> $ systemkeychain
> Usage: systemkeychain -C [passphrase] # (re)create system root keychain
> systemkeychain [-k destination-keychain] -s source-keychain ...
> systemkeychain -T token-protected-keychain-name
>
>
> -Shawn
------------------------------------------------------
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
More information about the SmartcardServices-Users
mailing list