This website deals with using the Aladdin eToken with Linux. It is supposed to be a collection of necessary information and to be a contact point for everyone willing to run the eToken under Linux or do some new development. All kind of experience reports are very welcome. If you want to participate in sharing your information or experiences here at this site, please contact LSE or CorneliusKoelbel.
This website is not run by Aladdin itself, but by LSE Leading Security Experts GmbH - a consulting partner of Aladdin.
All text on this website is published under the Gnu Free Document License.
If you want to get professional assistance, please contact LSE for a consulting or solution contract.
News and Current Events
Added a howto for Aladdin eToken and PKI.
Aladdin Middleware (PKI Client) 5.0 will be hopefully out in november.
Added a howto for Aladdin eToken and Active Directory.
Aladdin Middleware (PKI client) 4.55 for Linux is out. Read FAQ/RTE_4.x
LSE developed a linux based backend LinOTP to use the eTokenNG OTP.
Read how to protect your encrypted root filesystem with an eToken.
Download the patch to make Aladdin eToken Middleware 3.65 work with current udev implementations -> HowTos/eToken_and_uDev
RDesktop supports smartcards. Take a look at HowTos/eToken_and_rdesktop.
The eTokenNG FLASH is out. As a matter of fact it works fine with linux.
Introduction
The eToken is a readerless smartCard, that can be plugged into the usb port.
It can be run in two different ways under Linux:
You can use the open source project OpenSC and format the token in PKCS15. Although there is pkcs15-Support for Windows, this will break the default compatibility to Windows.
The other possibility is, to use the token the generic way, as it comes when you buy it from your distributor. For this you will need the Aladdin pkcs11-library, that comes with the Aladdin Linux Middleware or also called PKI client. Additionally you will need the pcsc lite daemon, which you can install the default way with your distribution. This way the eToken will be readable both, under Linux _and_ Windows.
Nevertheless if using the Aladdin middleware you can still use many usefull tools from the opensc project like pkcs11-tool, pam_pkcs11 or opensc-engine.
Information Sources
- Where to get the basic information?
Where to buy an eToken http://www.lsexperts.de
Getting eTokens and the middleware for testing http://www.aladdin.de/produkte/usbtoken_esecurity/etoken_teststellung.html
Learn more about opensc http://www.opensc-project.org/download.php
Just getting the Linux middleware mailto:cornelius.koelbel_at_lsexperts.de
Learn more about pam_pkcs11, which is needed to Login via eToken http://www.opensc-project.org/pam_pkcs11/
openca can be used, to rollout your certificates to the eToken http://www.openca.org
HOWTOs and FAQ
Here you will find HowTos for several problems. Feel free to contact us and provide your own HOWTO!
Also take a look at the FAQ.
Applications
that run with the eToken: Applications_for_eToken. But there are sill many applications missing.
Interoperability between Linux and Windows
The current Aladdin Middleware 4.55 ensures complete interoperability with the certificates and keys on the eToken between Windows and Linux.
ToDo
This section describes missing applications and what needs to be done. -> ToDo/Missing_Applications