Re: [Fed-Talk] Encrypting files and folders via DoD CAC?
Re: [Fed-Talk] Encrypting files and folders via DoD CAC?
- Subject: Re: [Fed-Talk] Encrypting files and folders via DoD CAC?
- From: "Brochner, Ruben CTR DTIC Z" <email@hidden>
- Date: Wed, 20 Feb 2008 10:11:54 -0500
- Thread-topic: [Fed-Talk] Encrypting files and folders via DoD CAC?
> Note that it is possible to enable FileVault for smartcards in Leopard.
Does this mean that Leopard supports logging in with a CAC on a FileVault
enabled system?
If so, does this work with Active Directory?
Does it require the use of third party software, like ADmit Mac for CAC?
I know that under 10.4, FileVault with CAC was not officially supported by
Apple--especially in Active Directory.
-Ruben
On 2/20/08 9:51 AM, "Timothy J Miller" <email@hidden> wrote:
> On Feb 19, 2008, at 5:47 PM, Michael wrote:
>
>> Other then emailing yourself a file or folder is there a good way
>> to encrypt files and folders using the DoD CAC on OS X?
>
> You'd do this with encrypted disk images. I know the hdiutil command
> is certificate and keychain aware, so it's theoretically possible--
> but I've never actually tried it.
>
> However, managing encrypted images from the command line wouldn't be
> the best solution. And I don't have Leopard to play with at the moment.
>
>> Of course the side effect is bad if you lose the CAC or it expires
>> and gets replaced before you de-encrypt all the files or folders.
>
> You should be able to set up an encrypted image the same way that
> FileVault does--and use the same key. But it's not clear poking at
> hdiutil if it supports *multiple* public key access credentials.
>
> Note that it is possible to enable FileVault for smartcards in Leopard.
>
> -- Tim
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden