Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 6): Bug 1072383
Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.
Provide the ability to map identity certificates from smart-cards to user entries in FreeIPA to improve the centralized authentication functionality of the product.
The idea is to utilize IdM as the centralized authentication repository for users through card + pin instead of username + password.
How would it work:
pam_pkcs11
sssd
Moving to FreeIPA 4.1 where we will re-evaluate this RFE.
Client-side counterpart ticket: https://fedorahosted.org/sssd/ticket/2596
Related ticket #4955.
master:
Web UI was mostly implemented in tickets #5046 and #5045. Web UI support for {user|service|host}_{add|remove}_cert commands, implemented in 76eea85, is still missing (#5108)
Nathan Kinder just started very promising blog series about Smart Cards and this feature: https://blog-nkinder.rhcloud.com/?p=179
Metadata Update from @mkosek: - Issue assigned to mbabinsk - Issue set to the milestone: FreeIPA 4.2
Login to comment on this ticket.