[SmartcardServices-Users] Storing Keychain data

[SB Tech]

Are you sure you want/need to use a Smart Card ?  What characteristics or
capabilities were you looking for that lead you to Smart Cards ?


I simply wanted a way to log in securely to a work notebook used in the
field that would obviate the need to remember a complicated and lengthy
password.  The Smart Card solution fell short of this requirement because
entering the PIN on login failed to unlock the default keychain, so that
several login services I rely on (automatic connections to remembered wifi
networks, mounting of encrypted disk images) failed to work without the
unlocking of the default keychain.

I learned I could use the same PIN on my default keychain as used on the
Smart Card during login to get around this, but this weakened the password
on the default keychain too much.  It also raised the issue that, should
the Smart Card be unavailable, logging in would once again require the
manual unlock of the default keychain.  So, I discarded this workaround as
unsatisfactory

Hence my pursuit of a way to store Keychain Access-recognizable objects
directly on the Smart Card, so that login services would have access to
them when I log in with the Smart Card.  My logic has led me to assume this
to be the most appropriate way to solve this problem.  So far as I
understand it, the Smart Card cannot be used to single-handedly
authenticate to every service that might have its password stored in the
default keychain.

It's true that, along the way, I've failed to understand quite a few
things, and this has made things harder (both for me and for those who
attempt to help).  Hopefully we can move past that.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/smartcardservices-users/attachments/20120304/800b75f6/attachment.html>