https://www.makeuseof.com/advanced-data-structures-every-programmer-should-know
https://finddiffer.com/how-do-i-fix-ctrl-c-not-working/
☂
https://www.makeuseof.com/palettefm-black-and-white-photos
♥♠♣♥♠♣♥♠♣♥♠♣♥♠♣♥♠♣♥♠♣♥♠♣♥♠♣♥♠♣♥♠♣
Do you need encouragement while typing the best code ever?
Try this:
Wednesday, March 21, 2018
Linux + Smart Cards: A Rare Technical Breakthrough
Do you hate Windows and/or prefer Linux? Does Firefox annoy you? Are you still holding on to that crappy laptop just to be able to check your Army/Navy/Air Force/Marine e-mail? This entry is for you.
This article builds on/modifies the instructions in the following two articles:
http://www.militarycac.com/linux.htm
https://help.ubuntu.com/community/CommonAccessCard
My thanks to both for putting the data out there. Now I don't have to scream at my old laptop once a month.
First off, here are my system specs:
Computer:
This article builds on/modifies the instructions in the following two articles:
http://www.militarycac.com/linux.htm
https://help.ubuntu.com/community/CommonAccessCard
My thanks to both for putting the data out there. Now I don't have to scream at my old laptop once a month.
First off, here are my system specs:
Computer:
Card Reader: SCM Micro SCR331 (PN: 904622)
Browser Version: Google Chrome Version 65.0.3325.162 (Official Build) (64-bit)
First, I opened a Terminal and installed the middleware as follows:
sudo apt-get install libpcsclite1 pcscd pcsc-tools
I then plugged in the CAC reader and inserted my CAC. Then I ran the PCSC diagnostic tool to check the reader status:
pcsc_scan
Next, following the instructions from MilitaryCAC.com, I downloaded the DoD certificates and installed them in Chrome:
Settings --> Advanced --> Manage Certificates --> Authorities --> Import
Note: You have to check all THREE permissions boxes for EACH certificate when you install it.
After that, I utilized Synaptic Package Manager to install Coolkey and all its relevant components.
Note: I had tried a few different things to get Cackey to work (e.g. using the App for Chrome) but AKO still didn't recognize that my card was inserted.
Following the directions from the Ubuntu help site, I installed NSS (which Linux apparently uses to manage SSL certificates) as follows:
WARNING: Close out Chrome before you do this! If you don't, it might corrupt it.
CAUTION: DO NOT use sudo to add the CAC Module! It will lock the pkcs11.txt file that allows your web browser to recognize that the CAC is inserted into the reader.
modutil -dbdir sql:.pki/nssdb/ -add "CAC Module" -libfile /usr/lib/pkcs11/libcoolkeypk11.so
Note: Your library file location might be different. Utilize a search to look for the Coolkey library file.
After that, I checked to see if the reader recognized my card:
modutil -dbdir sql:.pki/nssdb/ -list
You should see something like this:
1. NSS Internal PKCS #11 Module
slots: 2 slots attached
status:loaded
slot: NSS Internal Cryptographic Services
token: NSS Generic Crypto Services
slot: NSS User Private Key and Certificate Services
token: NSS Certificate DB
2. CAC Module
library name: /usr/lib/libcackey.so
slots: 1 slot attached
status: loaded
slot: CACKey Slot
token: LASTNAME.FIRSTNAME.NMN.123456789
If not, MilitaryCAC suggests that you probably were not in your home directory during install. That is a must.
That was literally it. I was able to log onto AKO, MyPay, and my Enterprise E-mail.
NOTE: If CAC reader light does not go on once plugged in or when card is plugged in, running pcsc_scan should reinitialize communications.
UPDATE [5-7-2018]: Have successfully installed CAC reader on Zorin OS 12.3 and utilized to access AKO. Changes to previous system specs as follows:
OS: Zorin OS 12.3 (64-bit)
Browser: Chromium Version 64.0.3282.167 (Official Build) Built on Ubuntu , running on Zorin 12 (64-bit)
System:
UPDATE [6-1-2018]: Successfully accessed
No comments:
Post a Comment
Коментар: