Solaris Smartcard Administration Guide

ProcedureTo Enable Smartcard Usage (Command Line)

Use this procedure to enable Solaris Smartcard usage on a system. A user must use an accepted smart card for the system. A user might also need to type a PIN to log in to the system.

  1. Become superuser on each system to be used in Smartcard operations.

  2. Verify that the ocfserv daemon is enabled.

    The following command provides the status of the service.

    # svcs network/rpc/ocfserv

    Note –

    Before you make any changes to Smartcard, you must make sure that the ocfserv daemon is enabled.

  3. (Optional) If necessary, enable the ocfserv daemon.

    # svcadm enable network/rpc/ocfserv
  4. Stop the desktop.

    # /etc/init.d/dtlogin stop
  5. Enable Solaris Smartcard operations.

    # smartcard -c enable
  6. Restart the desktop.

    # /etc/init.d/dtlogin start

    Note –

    When CDE is configured for Smartcard login, /etc/pam.conf is modified to include pam_smartcard. For example, when smartcard -c enable is executed, the following lines are inserted at the top of the auth stacks for dtlogin and dtsession:

    dtlogin auth requisite
    dtsession auth requisite