Date: Tue, 12 Mar 2002 21:45:37 -0500 From: "Louis A. Mamakos" <louie@TransSys.COM> To: Gunther Schadow <gunther@aurora.regenstrief.org> Cc: freebsd-security@FreeBSD.ORG, PicoBSD List <freebsd-small@FreeBSD.ORG> Subject: Re: Smartcard device support? Message-ID: <200203130245.g2D2jbY28875@whizzo.transsys.com> In-Reply-To: Your message of "Tue, 12 Mar 2002 17:33:18 EST." <3C8E822E.7070509@aurora.regenstrief.org> References: <3C8E822E.7070509@aurora.regenstrief.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> Hi, > > I'm wondering if it isn't time to roll out smart card use a bit more > aggressively. The question is: are any smart card devices useable > with FreeBSD? Let's say for enabling IPsec associations with racoon > (X509 cert on smartcard instead of a file on disk.) Only if smartcard > is in the box will the IPsec connection work. Of course my constraint > is cost of hardware. So is there any cheap stuff around? You should take a look at the Dallas Semiconductor Java iButton, which is a small Java smartcard like device in a package about the size of a button-battery. There's also an inexpensive reader dongle you can attach to a serial port to talk with it. The Java iButton can do RSA public key processing; in fact, with a suitably written application (in Java, of course), you can have the device generate a public/private keypair, hand you back the public key, and never expose the private key inside the tamper resistant device. Very cool. See http://www.ibutton.com/ for information. See also /usr/ports/comms/mlan3 for some low-level code used to talk to these types of "one-wire" devices. louie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200203130245.g2D2jbY28875>