Installing OpenSC 0.17 on CentOS 7.4

Support for security such as Firewalls and securing linux
cmalcolm
Posts: 1
Joined: 2018/02/09 14:36:47

Installing OpenSC 0.17 on CentOS 7.4

Postby cmalcolm » 2018/02/09 14:46:47

Hello,

I am trying to install OpenSC 0.17 on CentOS 7.4 to use for Smart Card logon to the system. I had previously used yum to install OpenSC 0.16 from EPEL, however with the cards I am using the 0.16 version doesn’t work properly with pkcs11-tool and other tests (and also doesn’t allow me to sign in to the system, after prompting for the PIN, the login fails).

When I downloaded / compiled / installed OpenSC 0.17 from their source (https://github.com/OpenSC/OpenSC/wiki), I was able to get successful results from pkcs11-tool --login –test.

Unfortunately I can’t seem to get CentOS to use this newer version for Smart Card logon to the desktop. I had:

1) Removed OpenSC 0.16 from the system with “yum remove opensc”.
2) Downloaded / compiled / installed OpenSC 0.17 following the steps on the OpenSC wiki: https://github.com/OpenSC/OpenSC/wiki/C ... ix-flavors. The only change I made was --prefix=/usr/lib64/ --sysconfdir=/etc.
3) Modified /etc/pam_pkcs11/pam_pkcs11.conf to point to the updated opensc-pkcs11.so location in the “module” directive(s).
4) Restarted the system to try logging in.

However, when I insert the smart card into the reader at the Gnome login screen, it does not detect the card, nor ask me for the PIN. If I complete the login with username/password, I can use pkcs11-tool from a terminal.

Is there any HowTo or other guide, advice, etc, I can follow to replace the OpenSC 0.16 from EPEL with the compiled OpenSC 0.17 version from github?

Please let me know if any additional information is required.