Jan Klod <janklodvan@xxxxxxxxx> wrote: > On Sunday 10 August 2008 23:06:05 Harmon Seaver wrote: >> Forgive me, I've not been paying attention to linux crypto for quite >> some time, but perhaps someone could refresh my memory a bit. >> What would be the best way to have a login on a linux box done not >> by a simple password, but by using a memory stick, sd card, or whatever >> with an encrypted key on it, which, perhaps, would also require a short >> PIN number? Sort of like doing an ATM login. > > > I'd say, just read on loop-AES readme! > http://loop-aes.sourceforge.net/loop-AES.README > Example 7. You will see, it takes some time to set up. The question wasn't how to encrypt drive space, but how to use some physical crypographic token to augment login credentials. Most Linux login mechanisms use PAM to broker authentication, and there are several PAM modules that allow use of devices in the authentication process - pam_usb, pam_blue, pam_p11, and so on. Not knowing anything more about what your needs are, that's all I know to tell you. - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
