Smartcard Support for Panther?

poemofatic asks: "I use a Powerbook to connect to my work's VPN server. Recently, my sysadmin has been setting up smart card support for VPN authentication, and I'd like to know if anyone in the Slashdot crowd has managed to use smart cards on Panther to successfully connect to a Microsoft VPN server. Also, it'd be nice to hear if anyone has used either the Schlumberger or Gemplus cards successfully, and whether they've tried the USB tokens."

Smart Cards

[spamtrap]

Security is where you want to look.

There are smart card PC/SC links on that page that mention the kind of cards that should work.

Chuck

Most of it's already there.

[Cerebus]

Apple SmartCard support is built with the DoD Common Access Card (CAC) in mind. To work with another PKI you'll need to make modifications.

Pather already includes the Apple Federal SmartCard Package, but you should download and read the docs from Apple Suport. It's essentially MUSCLE with tweaks. Enable it via 'sudo cac_setup' and disable it with 'sudo cac_setup -off'. The details are in /etc/authorization.cac.

Generally, the framework validates the private key on the card, then reads attributes from the card (by default, the DoD EDI-PI from the Demographics container) and maps this attribute against Open Directory accounts. It's pretty flexible, and it shouldn't take a lot of work to make it work with another PKI.

Re:Verizon VPN services?

[Orpheus+Liar]

Odd that you've been told they'll provide no client as iPass makes an OSX client and Cisco makes an OSX version of its VPN client which I have running on my AlBook right now (I believe you must have an account with Cisco to get it from their site, but Google shows many hits with the download).