Linux smart card authentication – PAM

(This is part of my howto on smart card authentication in Linux.)

PAM (Pluggable Authentication Modules) is an authentication framework which uses modules to authenticate users using a wide variety of methods. A PKCS#11 PAM module exists, which allows us to use smart cards to authenticate against any service which uses PAM. The most obvious usage of PAM is system logins, either console or graphical, but a lof of other services, for example sudo, use it (you can have a look in /etc/pam.d to see all currently installed services which use PAM).

Continue reading

Linux smart card authentication – OpenSSL

(This is part of my howto on smart card authentication in Linux.)

You can use the private key stored on your card with OpenSSL, just like you would use an on-disk key. Among other things, you can sign files, decrypt files encrypted with your public key, or generate X.509 certificates for your key. Since this is not an OpenSSL guide, I will not describe those operations in detail, you can refer to the OpenSSL page in the Ubuntu Server Guide if you are not familiar with them, the syntax is the same (except for the necessary command flags to tell OpenSSL to use your smart card, see below).

Continue reading

Linux smart card authentication howto

This is something I posted on Ubuntu Forums a while ago. Since the tutorials section of UF is bound to disappear, I am reposting it here. I have only tested it on Ubuntu; it should work as is on Debian and other Debian-derivatives, and almost as-is on any modern Linux distribution.

Because your machine hosts extremely sensitive data (or, more probably, just for the geek factor) passwords sometimes just don’t cut it. Thanks to the OpenSC project, Linux users can also use smart cards in lieu of passwords to authenticate against various services, which, in addition to being immune to dictionary or brute force attacks, just looks way cooler. This guide will describe the steps needed to use smart cards for various authentication and encryption purposes. I’d like to thank UF user Berduchwal for starting work (and getting me interested to it) in this thread.

Continue reading

1 – $\mathbf{R}$ vs. $\mathbf{Q}$ and number fields

(This is part of my series on algebraic number theory.)

In the introductory post of my series on field theory, I remarked that $\mathbf{Q}$ is a lot more complicated than $\mathbf{R}$ from a field-theoretic standpoint. The reader who has worked through the questions at the end of each post will probably already have some idea of what was meant by that. This first post on algebraic number theory will elaborate on this, and introduc number fields, which are the main objects of study in this discipline.

Continue reading

5 – Simple extensions

(This is part of my series Field theory for high-schoolers.)

This post describes a particular type of field extensions called simple extensions, thus named because they can be constructed from the base field in a simple and systematic manner.

Let $f(x)$ be a non-constant polynomial with real coefficients that has no root in $\mathbf{R}$. Kronecker’s theorem tells us that there exists some extension of $\mathbf{R}$ in which $f(x)$ has a root, but it tells us nothing about what that extension actually is. In other words, it doesn’t tell us how to construct such an extension. By “constructing” a field extension, we mean being able to describe its elements.

The aim of this series is to illustrate how $\mathbf{C}$ can be constructed from $\mathbf{R}$. This implies that we should know how to construct an extension of some known field. This post and the next will discuss how to construct a field extension by adjoining to a base field a single element of a bigger field, and show how $\mathbf{C}$ can be constructed from $\mathbf{R}$ in that way.

Continue reading

3 – Kronecker’s theorem

(This is part of my series Field theory for high-schoolers.)

This post states a fundamental result about polynomials, due to Kronecker, which is well-known in the case of the extension $\mathbf{C}/\mathbf{R}$, but is also valid in a more general setting. It really belongs in post 2, but since post 2 is quite long and because it is such an important result, I decided to put it in a separate post.

We have seen that it is possible for a polynomial with coefficients in a field $F$ to have no root in $F$, but have roots in an extension of $F$. The classical example is $x^2+1$ in $\mathbf{R}$: complex numbers were invented precisely to “give it” a root.

Actually, every non-constant polynomial in real coefficients has a root in $\mathbf{C}$ (since a polynomial in real coefficients can also be viewed as a polynomial in complex coefficients, and $\mathbf{C}$ is algebraically closed). This is an illustration of a more general result due to Kronecker, which states that given a field $F$ and a non-constant polynomial $f(x)$ with coefficients in $F$; there always exists an extension $E$ of $F$ such that $f(x)$ has a root in $E$.

Of course, if $f(x)$ has a root in $F$, we are done because $F$ is already the desired extension. The result is more impressive (and useful) in the case where $f(x)$ has no root in $F$. In the rest of our work, we will describe the nature of $E$.

Next: Algebraic elements