Red Hat Bugzilla – Bug 204978
Unable to log in as local user with smartcard inserted
Last modified: 2007-11-30 17:07:33 EST
Description of problem:
Unable to log in as local user on vertual terminal with smartcard inserted, even
if smartcard use is not in enforcing mode.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Insert a smartcard
2. Go to a virtual terminal and try to log in
It will always try to assume you want to log in as the smartcard user, no matter
what username you give (and will only allow you to login if you used the
smartcard user's username and smartcard pin; it will not work with some other
username and the smartcard pin, or with the actual password for that username).
Let you log in as someone other than the smartcard user if enforcing is not set.
No, this is exactly how it is supposed to work. We work hard to make this so.
If you have smart card login turned on, and you have inserted a smart card, you
must login using that smart card.
Ah, hmm. Then... should one be able to log in remotely (ssh) as a non-smartcard
user if the smartcard is inserted?
Currently ssh is not supported for smart card login, so the answer is no.
(That's a 'next release' feature).
I would have expected that, if ssh is not currently intended to be supported
with smartcard, that smartcard insertion should _NOT_ effect it. Are you saying
that the reverse is true?
I'm sorry I misunderstood the question. You are correct. The card insertion
state will not affect ssh.
Actually once ssh support is in, the card insertion state on the *console*
should not affect ssh either.