Comments (4)
Try https://github.com/mouse07410/OpenSC.tokend.git - you're likely to have better success. I'm using this tokend on 10.11.6 and 10.12.1 with 100% success. ;-)
I must add that the tokend I'm using has been extensively tested and enhanced for PIV cards, but I conjecture that it would work with epass2003.
from opensc.tokend.
wow- after fighting with openssl a bit, i did get a copy to build, and it seems to work using our tokens under 10.12.1. Very nice- thanks for the pointer! (edit removing the bit about contributing back to mainline: I see the pull request, thanks! )
from opensc.tokend.
I don't suppose there will be code committed back to this project so we can eventually go back to the mainline package?
@bmwt, this tokend is maintained as a parallel fork. It tracks the mainline fixes if and when they appear (which nowadays isn't highly likely). The owners of the mainline package decided not to merge it back then. I was disappointed at first, couldn't care less now.
(or is it dead given apple's deprecation of tokend?)
Tokend is not deprecated (unless you mean CDSA-based tokend, like these :).
Apple, starting with Sierra, returned to providing its own tokend - based on their new CTK (named pivtoken
). It contains a few nice enhancements (like the ability to pair smart card with the account, e.g., to unlock FileVault and Keychains with it). But it also lacks some crucial capabilities, like visualizing the token in Keychain Access (so if there are any problems with certs on it, or with the issuing CA - good luck! You'll need it). Coincidentally, cutting off the "old" interface made it impossible for the 3rd-party apps such as MS Office, Adobe Acrobat, Firefox, etc. to utilize smart cards on Sierra. Currently (AFAIK) only Apple Mail and Safari can use hardware tokens, and you can't actually see what's on those tokens, or even what those tokens are (unless you count hash of something on the token presented in hex as a useful identifier :)). Until all those apps are re-written by their corresponding vendors to move to the CTK interface, they won't work with tokens.
Luckily, Sierra allows operations in Legacy mode: you disable pivtoken
, install your working tokend in /Library/Security/tokend
, and use your smart cards and apps on Sierra as on El Capitan (especially if your main need for smart cards is to use it with applications rather than for logging in). The only disadvantage I see is that you lose the pairing ability - but it's only useful at login anyway.
And of course, we never know - perhaps with 10.13 or 10.14 pivtoken
would go the way SmartCardServices went in Lion? Apple giveth, and Apple taketh away. :) So it makes sense to keep this tokend for a while longer until there's more certainty. :-)
from opensc.tokend.
ahh, i thought CTK was a replacement for tokend, and that tokend was going away. This clarifies quite a bit- all the information i was looking for, but couldn't find. Much, much appreciated- we'll just continue to follow your fork until apple decides to throw something else our way.
from opensc.tokend.
Related Issues (13)
- OpenSC.tokend cannot PIN-unlock a PIV card HOT 8
- can't see my italian CRS/CNS in 10.10 keychain HOT 6
- Mac OS X Yosemite Problem HOT 8
- Current sha2 branch lost the ability to RSA-sign HOT 3
- OpenSC always prompts for a PIN to access public key, which is wrong HOT 2
- PIN Code gets rejected when trying to logon to an Active Directory Domain HOT 6
- PIN not recognized with Gemalto Prox-DU reader HOT 6
- With Mac OS X 10.11.5 tokend does not work any more HOT 8
- ccccccejjfcudkhcelvhbbecrhujgljbjgjkclbfvtti HOT 2
- MacOS Xcode-10 tokend fails to build HOT 13
- tokend does not work any more HOT 9
- xcodebuild on OSX 10.10 fails with unwanted "register launch services" HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from opensc.tokend.