ecryptfs / aladdin token

All of lore.kernel.org
 help / color / mirror / Atom feed

* ecryptfs / aladdin token
@ 2012-01-17 16:43 Space Cake
  2012-01-17 18:53 ` Tyler Hicks
  0 siblings, 1 reply; 2+ messages in thread
From: Space Cake @ 2012-01-17 16:43 UTC (permalink / raw)
  To: ecryptfs

Hi,

I'm trying to use an aladdin token to access some sensitive information.
Unfortunately I'm getting the following error message

vlad@brutal ~ $ ecryptfs-manager

eCryptfs key management menu
-------------------------------
    1. Add passphrase key to keyring
    2. Add public key to keyring
    3. Generate new public/private keypair
    4. Exit

Make selection: 2
[opensc-pkcs11] reader-pcsc.c:896:pcsc_detect_readers: SCardListReaders
failed: 0x8010002e
[opensc-pkcs11] reader-pcsc.c:1015:pcsc_detect_readers: returning with:
No readers found
Select key type to use for newly created files:
 1) tspi
 2) passphrase
 3) openssl
 4) pkcs11-helper
Selection: 4
[opensc-pkcs11] reader-pcsc.c:896:pcsc_detect_readers: SCardListReaders
failed: 0x8010002e
[opensc-pkcs11] reader-pcsc.c:1015:pcsc_detect_readers: returning with:
No readers found
[opensc-pkcs11] reader-pcsc.c:896:pcsc_detect_readers: SCardListReaders
failed: 0x8010002e
[opensc-pkcs11] reader-pcsc.c:1015:pcsc_detect_readers: returning with:
No readers found
PKCS#11 Serialized ID:
Passphrase (empty for interactive):
Optional X.509 Certificate PEM file:
Error processing key generation decision graph; rc = [-5]

I can see the card from pkcs11-tool

vlad@brutal ~ $ pkcs11-tool -L
[opensc-pkcs11] reader-pcsc.c:896:pcsc_detect_readers: SCardListReaders
failed: 0x8010002e
[opensc-pkcs11] reader-pcsc.c:1015:pcsc_detect_readers: returning with:
No readers found
[opensc-pkcs11] reader-pcsc.c:896:pcsc_detect_readers: SCardListReaders
failed: 0x8010002e
[opensc-pkcs11] reader-pcsc.c:1015:pcsc_detect_readers: returning with:
No readers found
Available slots:
Slot 0           Aladdin eToken PRO
  token label:   OpenSC Card (vlad)
  token manuf:   OpenSC Project
  token model:   PKCS#15
  token flags:   login required, PIN initialized, token initialized
  serial num  :  262119072909

any idea? same token is working for ssh login

Thank you
L:

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: ecryptfs / aladdin token
  2012-01-17 16:43 ecryptfs / aladdin token Space Cake
@ 2012-01-17 18:53 ` Tyler Hicks
  0 siblings, 0 replies; 2+ messages in thread
From: Tyler Hicks @ 2012-01-17 18:53 UTC (permalink / raw)
  To: Space Cake; +Cc: ecryptfs

[-- Attachment #1: Type: text/plain, Size: 2653 bytes --]

On 2012-01-17 17:43:00, Space Cake wrote:
> Hi,
> 
> I'm trying to use an aladdin token to access some sensitive information.
> Unfortunately I'm getting the following error message
> 
> vlad@brutal ~ $ ecryptfs-manager
> 
> eCryptfs key management menu
> -------------------------------
>     1. Add passphrase key to keyring
>     2. Add public key to keyring
>     3. Generate new public/private keypair
>     4. Exit
> 
> Make selection: 2
> [opensc-pkcs11] reader-pcsc.c:896:pcsc_detect_readers: SCardListReaders
> failed: 0x8010002e
> [opensc-pkcs11] reader-pcsc.c:1015:pcsc_detect_readers: returning with:
> No readers found
> Select key type to use for newly created files:
>  1) tspi
>  2) passphrase
>  3) openssl
>  4) pkcs11-helper
> Selection: 4
> [opensc-pkcs11] reader-pcsc.c:896:pcsc_detect_readers: SCardListReaders
> failed: 0x8010002e
> [opensc-pkcs11] reader-pcsc.c:1015:pcsc_detect_readers: returning with:
> No readers found
> [opensc-pkcs11] reader-pcsc.c:896:pcsc_detect_readers: SCardListReaders
> failed: 0x8010002e
> [opensc-pkcs11] reader-pcsc.c:1015:pcsc_detect_readers: returning with:
> No readers found
> PKCS#11 Serialized ID:
> Passphrase (empty for interactive):
> Optional X.509 Certificate PEM file:
> Error processing key generation decision graph; rc = [-5]
> 
> I can see the card from pkcs11-tool
> 
> vlad@brutal ~ $ pkcs11-tool -L
> [opensc-pkcs11] reader-pcsc.c:896:pcsc_detect_readers: SCardListReaders
> failed: 0x8010002e
> [opensc-pkcs11] reader-pcsc.c:1015:pcsc_detect_readers: returning with:
> No readers found
> [opensc-pkcs11] reader-pcsc.c:896:pcsc_detect_readers: SCardListReaders
> failed: 0x8010002e
> [opensc-pkcs11] reader-pcsc.c:1015:pcsc_detect_readers: returning with:
> No readers found
> Available slots:
> Slot 0           Aladdin eToken PRO
>   token label:   OpenSC Card (vlad)
>   token manuf:   OpenSC Project
>   token model:   PKCS#15
>   token flags:   login required, PIN initialized, token initialized
>   serial num  :  262119072909
> 
> any idea? same token is working for ssh login

It is likely a bug with the eCryptfs pkcs11-helper key module. It
doesn't get much use and neither of us eCryptfs maintainers have the
appropriate hardware to test it (it was contributed by the pkcs11-helper
maintainer, IIRC).

Feel free to file a bug in launchpad:

https://bugs.launchpad.net/ecryptfs/+filebug

But do keep in mind that we don't have the needed hardware to fix it.
I've looked into buying an eToken PRO for personal use, but sourcing
just one in the US didn't seem to be very easy at the time.

Tyler

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 836 bytes --]

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2012-01-17 18:53 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-01-17 16:43 ecryptfs / aladdin token Space Cake
2012-01-17 18:53 ` Tyler Hicks

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.