• HowTos
• eToken_Smartcard

Howto use the Aladdin eToken Smartcard on a LinuxBox

• date: 03.12.2008
• author: Cornelius Koelbel

• <cornelius.koelbel AT lsexperts DOT de>

• used eToken hardware: eToken Smartcard CardOS/M 4.01M
• used eToken PKI Client Version: 4.55
• used Card Reader: Cardman 4000

Configuration

Besides operating the eTokenPro USB with the Aladdin PKI Client, it is necessary to install additional opensource software:

I also installed:

• openct (0.6.14)
• opensc (0.11.4)

pcsc-lite was already installed.

Configure openct

The cardman 4000 is supported by openct, so my minimal /etc/openct.conf looks like this:

debug   = 0;
hotplug = yes;
ifdhandler = /usr/sbin/ifdhandler;

ifdproxy {
};
reader cm4000 {
        driver = cm4000;
        device = pcmcia:/dev/cmm0;
};

You need to restart openct. And the card reader should be visible. (For more details about this see http://www.opensc-project.org/openct/.)

Configure pcscd

Since the eTPkcs11.so of Aladdin requires pcsc lite, we also need to configure pcsc lite and tell it, where to find the reader. Therefor we configure the file /etc/reader.conf.d/openct:

FRIENDLYNAME     "OpenCT"
DEVICENAME       /dev/null
LIBPATH          /usr/lib/openct-ifd.so
CHANNELID        0

Usually (depending on your distribution /startscripts) you need to run the command update-reader.conf to recreate the file /etc/reader.conf.

Restart the pcscd.

Checking

If everything worked fine, you could check the accessability of your eTokenPro USB _and_ your eToken Smartcard like this:

~# pkcs11-tool --module /usr/lib/libeTPkcs11.so -L
Available slots:
Slot 0           OpenCT 00 00
  token label:   eToken
  token manuf:   Aladdin Ltd.
  token model:   eToken
  token flags:   rng, login required, PIN initialized, token initialized, other flags=0x200
  serial num  :  247e4f0b141f
Slot 1           AKS ifdh 00 00
  token label:   koelbel
  token manuf:   Aladdin Ltd.
  token model:   eToken
  token flags:   rng, login required, PIN initialized, token initialized, other flags=0x200
  serial num  :  0019b840

Here you can see the Smartcard with the serial number 247e4f0b141f inserted in the cardman 4000 accessed via openct and the eTokenPro USB via the Aladdin ifdhandler.