RE: [Fed-Talk] SCR243 PCMCIA Car
RE: [Fed-Talk] SCR243 PCMCIA Car
- Subject: RE: [Fed-Talk] SCR243 PCMCIA Car
- From: "Lawlin, David C CIV (NAVAIR 4.1.3)" <email@hidden>
- Date: Fri, 24 Feb 2006 12:53:17 -0500
- Thread-topic: [Fed-Talk] SCR243 PCMCIA Car
I also had problems with getting my SCR243 to work. Though the reason
for my problem may be different from yours the following guidance may be
of benefit.
After following the guidance in the attached email from Shawn mine works
fine.
Dave
-----Original Message-----
From: fed-talk-bounces+david.lawlin=email@hidden
[mailto:fed-talk-bounces+david.lawlin=email@hidden] On
Behalf Of Timothy J. Miller
Sent: Wednesday, February 22, 2006 14:12
To: Scott Cote
Cc: email@hidden
Subject: Re: [Fed-Talk] SCR243 PCMCIA Car
FWIW I rebuilt & followed Shawn's instructions again (move the CCID
driver out, force pcscd to run, etc.), but I'm still getting the pcscd
crash.
-- Tim
Scott Cote wrote:
> Mark,
> There are some suggestions in the archive, though I have not got
> this working yet... One of the latest emails on this i quoted below,
> if it helps... Shawn has also mentioned that 10.4.4. has issues with
> stopping a service that the PCMCIA reader needs, so it's inherent in
> the OS right now, and needs to be fixed (again, its in the archive)
> Scott
> *From: * email@hidden <mailto:email@hidden>
> *Subject: * *Re: [Fed-Talk] PCMCIA CAC Reader Rec Req*
> *Date: * February 14, 2006 8:47:18 AM PST
> *To: * email@hidden <mailto:email@hidden>
> *Cc: * email@hidden <mailto:email@hidden>
>
> Shawn Geddis wrote:
>
>
>> Mac OS X 10.4.x already ships with drivers for the following PC Card
>> Smart Card Readers:
>>
>
>
>> * SCM (SCR24X ==> SCR241 / SCR243)
>>
>
> Shawn, I still was unable to get this reader to work until I installed
> the SCM drivers. Unfortunately, the SCM installer *removes* the Apple
> driver (very unfriendly of them) so I can't reinstate it for more
> testing without reinstalling the OS. Can you slap up a zip with the
> 10.4.4 Apple driver?
>
>
>> *(1) Set securityd to launch pcscd at startup time* By default, the
>> pcscd process is started when a Smart Card Reader is connected or
>> identified on the system. There is a current issue (as of Mac OS X
>> 10.4.3) which prevents this dynamic process launching to take place
>> when a PC Card reader is in use.
>>
>
> I'm also still seeing occasional crashed of pcscd, unless I run it
> with -d syslog. Which means that I can't gather any debugging data,
> since when it's running in debugging mode it doesn't crash. ;)
>
> -- Tim
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden
> <mailto:email@hidden>)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden <mailto:email@hidden>
>
>
>
> Let us know if you get this working, as I also would like to use it.
> On Feb 22, 2006, at 3:25 AM, Mark Litkowski wrote:
>
>> Help, Please,
>>
>>
>> I am running 10.4.5 on my G4 Powerbook. I bought an SCR243 PCMCIA
>> Smart Card Reader from SCM Microsystems.
>>
>> All I want to do is be able to check my NMCI webmail.
>>
>> Unfortunately, I can't seem to get the card reader to work unless I
am
>> in the root directory, and then it is only half the time. I still
>> haven't been able to get Keychain Access to recognize my
certificates.
>>
>> Can anyone help me out?
>>
>> Thanks,
>>
>> Mark
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Fed-talk mailing list (email@hidden
>> <mailto:email@hidden>)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden <mailto:email@hidden>
>
>
> ----------------------------------------------------------------------
> --
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
--- Begin Message ---
- Subject: Re: [Fed-Talk] PCMCIA CAC Reader Rec Req
- From: "Shawn Geddis" <email@hidden>
- Date: Fri, 6 Jan 2006 11:42:30 -0500
- Thread-topic: [Fed-Talk] PCMCIA CAC Reader Rec Req
On Jan 6, 2006, at 9:19 AM, Judy Woelfle wrote:
Just to follow-up with my email yesterday, the drivers for our PCMCIA reader are included in Tiger.
Judy Woelfle
-----Original Message-----
From: fed-talk-bounces+judy=email@hidden [mailto:fed-talk-bounces+judy=email@hidden] On Behalf Of Timothy J. Miller
Sent: Friday, January 06, 2006 9:16 AM
To: Wm. Cerniuk
Cc: Fed Talk
Subject: Re: [Fed-Talk] PCMCIA CAC Reader Rec Req
Wm. Cerniuk wrote:
> Looking for a PCMCIA CAC reader that provides excellent support for
> Mac
> that is also a decent one for the PC. Any recommendations? Of primary
> interest is operational support but also firmware update support.
SCM SCR243. Mac drivers on the website.
-- Tim
As many of you know, I have been 'unavailable' for quite sometime and am behind in followup to messages relating to Security / Smart Cards / ... on this list. I did, however, need to quickly jump in this conversation and try to clear this up a bit for everyone. I will grab a few clips from my upcoming Mac OS X 10.4 Smart Card Integration Guide.... the one many of you have been waiting for...
Mac OS X 10.4.x already ships with drivers for the following PC Card Smart Card Readers:
* CRYPTOCard (see note below)
* OMNIKey (CardMan 4040)
* SCM (SCR24X ==> SCR241 / SCR243)
*Note*
If you have or want to use the CRYPTOCard PC Card Reader, you will need to verify/do the following:
* If you have a relatively recent reader, it should be a "CardMan 4040" mechanism and just works as expected
* If you have one of the older versions of the reader (PC-1), make sure you retrieve the updated driver available
from CRYPTOCard as noted by Judy.
For right now, if you plan on using any PC Card reader, you will also need to do the following steps:
Supporting PC Card Smart Card Readers
* As of Mac OS X 10.4.3, there are two modifications to a system required to use the supported PC Card Readers.
To ensure the PC Card readers fully function (due to a current bug being fixed) perform the following two steps to always have pcscd launch with no conflicts.
(1) Set securityd to launch pcscd at startup time
By default, the pcscd process is started when a Smart Card Reader is connected or identified on the system. There is a current issue (as of Mac OS X 10.4.3) which prevents this dynamic process launching to take place when a PC Card reader is in use.
To have pcscd run at startup time, edit the /private/etc/mach_init.d/securityd.plist so that the "Command" key is:
<key>Command</key>
<string>/usr/sbin/securityd -s on</string>
The default plist for securityd is:
hurljo3% cat /etc/mach_init.d/securityd.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" " <http://www.apple.com/DTDs/PropertyList-1.0.dtd> http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>ServiceName</key>
<string>com.apple.securityd</string>
<key>Command</key>
<string>/usr/sbin/securityd</string>
<key>OnDemand</key>
<false/>
</dict>
</plist>
(2) Move aside the CCID Class Driver from the Smart Card Services.
By default, the Smart Card services detects and supports all CCID compliant readers. There is a current issue (as of Mac OS X 10.4.3) which causes the CCID Class Driver to conflict with the communication to a PC Card-based Smart Card Reader. The Class Driver (bundle) must be moved aside to prevent this conflict. Retention of this CCID Class Driver bundle is highly suggested for when this issue has been resolved.
# mv /usr/libexec/SmartCardServices/drivers/CCIDClassDriver.bundle /usr/libexec/SmartCardServices/
** This will move it outside the driver directory and into the high-level SmartCardServices directory.
(3) Removing Smart Card Services Startup Item on machines that have been upgraded from 10.3x-10.4.x
# rm -r /System/Library/Startupitems/SmartCardServices/
To clarify about the securityd ==> pcscd process control:
Under normal conditions, once pcscd is dynamically launched (when a reader is connected to/detected on an OS X 10.4 system) Securityd will verify that there is a Smart Card Reader present and attempt to match the reader to a driver (CCID Class driver covers ALL CCID Compliant readers). Once launched, after 2 minutes with no Smart Card Reader present, securityd will kill pcscd (reduce resource overhead) and wait for another event causing it to dynamically launch pcscd again (when a card reader is reattached). Now, since we are modifying securityd.plist ("securityd -s on") to always signal securityd to launch pcscd at startup and not to kill it after 2 minutes the normal process has been short circuited.
I have all of this handled with shell scripts, but will release that at the time the guide is ready and will make it perfectly clear that they are from me 'personally' and Apple is not responsible for supporting them.
- Shawn
___________________________________________
Shawn Geddis T (703) 264-5103
Security Consulting Engineer C (703) 623-9329
Apple Enterprise Sales email@hidden
Apple Computer, Inc.
1892 Preston White Drive T (703) 264-5100
Reston, VA 20191
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
--- End Message ---
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden