Colors of Noise

agx@sigxcpu.org

Entries from September 2008.

krb5-auth-dialog pkinit support
19th September 2008

I finally got around to hack pkinit support into krb5-auth-dialog. It's available on the pkinit branch in git:

git clone http://honk.sigxcpu.org/git/krb5-auth-dialog.git
git-checkout --track  -b  pkinit origin/pkinit mkdir build && cd build
../autogen.sh --enable-pkinit && make && make install

In order to build it, you need Heimdal 1.1 or newer. The freshly built krb5-auth-dialog will work as before until you set:

gconftool-2 --type=string --set /apps/krb5-auth-dialog/pk_userid "PKCS11:/usr/lib/opensc/opensc-pkcs11.so"

This tells krb5-auth-dialog to look for the principal's public/private/certificate identifier on a smartcard that is handled via opensc (like kinit's "-C" option). From now on krb5-auth-dialog will ask for the smart cards' PIN instead of the principals password:

pin entry

Note: when using pkcs11 there's currently a bug in Heimdal that causes all applications to crash when you enter an incorrect PIN. The bugreport has a patch for Heimdal 1.2 to fix this attached.

Tags: single-sign-on.
Suspend to Disk with a Apple Powerbook G4 12"
12th September 2008

According to this Ubuntu bugreport some people still seem to have problems to hibernate 12" pbooks. Hibernate is working on these machines with patches since about Linux 2.6.5 and mainline support is there since about 2.6.12.

I used pbbuttonsd to hibernate for a long time and it worked really well but switched to using the Gnome/HAL infrastructure (which in turn uses pm-utils) recently since it has a much nicer integration into the rest of the desktop (locks the screen, etc.). There were two minor adjustments necessary to get things to work an a PowerBook6,1 and Powerbook6,4 within Debian:

No tags

RSS Feed