--- wikisrc/tutorials/howto_bootstrap_the_ePass2003_smartcard.mdwn 2015/10/02 21:18:01 1.3 +++ wikisrc/tutorials/howto_bootstrap_the_ePass2003_smartcard.mdwn 2015/10/02 21:28:14 1.4 @@ -1,23 +1,23 @@ First you need to Install security/ccid + security/opensc and it's dependencies. -Once installed, start the pcscd daemon: +Once installed, start the pcscd daemon - /etc/rc.d/pcscd onestart + # /etc/rc.d/pcscd onestart -Check that OpenSC finds your ePass2003 smartcard +Verify that OpenSC finds your ePass2003 smartcard -
 $ opensc-tool -n
+
$ opensc-tool -n
 Using reader with a card: Feitian ePass2003 00 00
 epass2003
 
-Start by erasing the card: +Start by erasing the card $ pkcs15-init --erase-card Bootstrap the ePass2003 -
 $ pkcs15-init --create-pkcs15 --profile pkcs15+onepin --label “pettai@NetBSD.org”
+
$ pkcs15-init --create-pkcs15 --profile pkcs15+onepin --label “pettai@NetBSD.org”
 Using reader with a card: Feitian ePass2003 00 00
 New User PIN.
 Please enter User PIN:
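Review bot: The re-added `pkcs15-init --create-pkcs15` line still wraps the `--label` value in typographic quotes (“ ”), which the shell does not treat as quoting, so anyone pasting the command passes the quote characters through as part of the label. Replace them with ASCII double quotes. In the same hunk, "Start by erasing the card" introduces `pkcs15-init --erase-card` without saying that it destroys any keys and certificates already on the token; one sentence to that effect would help readers who are reusing a card. "it's dependencies" on the first line should be "its dependencies".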
@@ -29,14 +29,15 @@ Please type again to verify:
 
 Generate a new RSA key on the card
 
-
 $ pkcs15-init --generate-key rsa/2048 --key-usage sign,decrypt --auth-id 01 --label “pettai@NetBSD.org”
+
$ pkcs15-init --generate-key rsa/2048 --key-usage sign,decrypt --auth-id 01 --label “pettai@NetBSD.org”
 Using reader with a card: Feitian ePass2003 00 00
 User PIN [User PIN] required.
 Please enter User PIN [User PIN]:
 
+Check the ID of the generated key -
 $ pkcs15-tool --dump
+
$ pkcs15-tool --dump
 Using reader with a card: Feitian ePass2003 00 00
 PKCS#15 Card [pettai@NetBSD.org]:
         Version        : 0
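Review bot: The added sentence "Check the ID of the generated key" does not say which field of the `pkcs15-tool --dump` output the reader needs. The next step passes the `ID` value listed under "Public RSA Key" to `--read-ssh-key`, so name that field explicitly, for example "Check the ID of the generated key (the ID field of the Public RSA Key entry)". The `--generate-key` line in this hunk also keeps the typographic quotes around the `--label` value and should use ASCII double quotes.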
@@ -81,17 +82,16 @@ Public RSA Key [pettai@NetBSD.org]
         ID             : 45d70cc6cdd46ce9914edcf6a81cb4fa60bf21ec
 
-Export the public key (and put it in your .ssh/authorized_keys file on your remote host): +Export the public key (and copy it to your .ssh/authorized_keys file on your remote host) -
 $ pkcs15-tool --read-ssh-key 45d70cc6cdd46ce9914edcf6a81cb4fa60bf21ec 
+
$ pkcs15-tool --read-ssh-key 45d70cc6cdd46ce9914edcf6a81cb4fa60bf21ec 
 Using reader with a card: Feitian ePass2003 00 00
 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl/O9hhKOos+1KkL7Q/jqrmSN9EXKFP86kZp+nRyCDErYBNiNl4PTGBfS7sx//suPIxzw8epmHR26JSIq0e0ZErjwBMTDzksUwLJ3+hOMgVnlInYPn+p569EcHiIWsKurfZBClllNHOMmTf3ZblbpN3+lwQUHNaUFECmLeh+wcDq6wGnHyCYF/UPUkqr/eiO2DkAYRhCgyPSfcM6a41H4hPWvo/HZgZvq3+Rpd0NHHHdleWfqHlGrdt00nzFV1TCsW16VhGh0KBfSfTKhH2WywqKGL5ik7SS5pFbD/rFSqn5Toc68hrkfbTbb5WBep2JM6htsSLuJ4079EKV3tIfpF pettai@NetBSD.org
 
-Use your smartcard private key then ssh:ing: +Now you can use your smartcard's private key then ssh:ing to your remote host -

-$ ssh -I /usr/pkg/lib/opensc-pkcs11.so pettai@localhost
+
$ ssh -I /usr/pkg/lib/opensc-pkcs11.so pettai@localhost
 Enter PIN for 'pettai@NetBSD.org (User PIN)':
 Last login: Fri Oct  2 15:41:21 2015 from 109.105.104.135
 NetBSD 7.99.19 (GENERIC) #0: Mon Jun 22 06:11:15 UTC 2015
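Review bot: In the new sentence "Now you can use your smartcard's private key then ssh:ing to your remote host", "then" should be "when"; the typo is carried over from the removed line, and "ssh:ing" would read more clearly as "connecting with ssh". The sentence says "remote host" while the example connects to `pettai@localhost`, so either the text or the example should change to match. The sample output also keeps the source address in the "Last login" line; consider replacing it with a documentation address such as 192.0.2.1 before publishing.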