2. Getting Started With Solaris Smartcard
Starting the Smartcard Console
To Start the Smartcard Console From the Command Line
To Start the Smartcard Console From the CDE Desktop
Setting Up for Smartcard Login
To Add a Card Reader (Console)
To Add Support for a New Card Type (Console)
To Add Support for a New Card Type (Command Line)
To Load the Smartcard Applet to a Smart Card (Console)
To Load the Smartcard Applet to a Smart Card (Command Line)
To Set Up a User Profile (Console)
To Set Up a User Profile (Command Line)
To Verify a PIN for a Smart Card
To Change the PIN on a Card (Console)
To Change the PIN on a Card (Command Line)
To Enable Smartcard on a System (Console)
If you don't want to use the default values for Smartcard timeouts and card removal actions, you can change the values. The procedures for changing the values are described in the following sections.
The following command provides the status of the service.
% svcs network/rpc/ocfserv
Note - Before you make any changes to Smartcard, you must make sure that the ocfserv daemon is enabled.
# svcadm enable network/rpc/ocfserv
The Configure Clients dialog box is displayed.
Card Removal Timeout – Specifies the number of seconds the desktop waits after a smart card is removed before locking the screen. The card removal timeout only applies if the “Ignore Card Removal” box is not checked under the options tab. If Card Removal Logout Wait is set to 0, a user is never logged out. The screen remains locked until the user reauthenticates to unlock the screen.
Reauthentication Timeout – Specifies the number of seconds the Reauthentication screen is displayed when the card has been removed. At the end of the specified time, the screen is locked.
Card Removal Logout Wait Timeout – Specifies the number of seconds the desktop waits for a smart card to be reinserted when the Reauthentication screen is displayed. If the card is not reinserted in time, the user is logged out. Note that this timeout is relevant only if Reauthenticate After Card Removal—in the Options tab—is set to False.
The following command provides the status of the service.
% svcs network/rpc/ocfserv
Note - Before you make any changes to Smartcard, you must make sure that the ocfserv daemon is enabled.
# svcadm enable network/rpc/ocfserv
The Configure Clients dialog box is displayed.
Ignore Card Removal – If checked, nothing happens when a smart card is removed from the reader.
Reauthenticate After Card Removal – If checked, a user is logged out when a card is removed. If Reauthenticate is not checked, the Card Removal Logout Wait setting—in the Timeouts tab—determines what happens.