mojave man page for smartcardservices-legacy

Mojave Man Pages All Man Pages Latest Topics Forum Categories

Query: smartcardservices-legacy

OS: mojave

Section: 7

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

SmartCardServices-legacy(7)			       BSD Miscellaneous Information Manual			       SmartCardServices-legacy(7)


NAME

     SmartCardServices-legacy -- overview of legacy SmartCard support


DESCRIPTION

     SmartCardServices-legacy is a set of components which add native support for SmartCards to OS X based on Tokend modules. Since OS X 10.12,
     there is  SmartCard support which is described in SmartCardServices(7)

     Supported SmartCards appear as separate keychains.  A Tokend module for each SmartCard you wish to use must be installed in
     /Library/Security/tokend


USB SMART CARD READER DRIVERS

     OS X has built-in support for USB CCID class-compliant SmartCard readers.	For other readers, install the reader driver in
     /usr/local/libexec/SmartCardServices/drivers.  Each driver is a bundle.  The bundle contains an XML file Info.plist which contains the
     device's USB vendor ID and product ID.  For detailed description of the plist format and how to write a reader driver, see
     http://pcsclite.alioth.debian.org/api/group__IFDHandler.html


SMART CARD APDU LOGGING

     It is possible to turn on logging for SmartCards by setting the global preference:

     sudo defaults write /Library/Preferences/com.apple.security.smartcard Logging -bool yes

     After a SmartCard reader is connected (or after reboot) all operations including contents of sent and received APDU messages are then logged
     into the system log.  Logging uses the facility com.apple.security.smartcard.log so it is possible to set up filtering of these logs into
     custom targets (see asl.conf(5))

     To avoid security risks that could occur if logging is turned on indefinitely, the logging setting is one-shot - it must be turned on by the
     command above to start logging again with a new reader.  This includes unplugging and replugging the same reader.


DISABLING NEW SMART CARD SUPPORT

     It is possible to turn of the new tokens by setting the global preference:

     sudo defaults write /Library/Preferences/com.apple.security.smartcard DisabledTokens -array com.apple.CryptoTokenKit.pivtoken


DISABLING SHEET AUTHORIZATION IN PREFERENCES

     When using tokend-based SmartCards, according to your configuration you may not be able to use SmartCards for authorization in System Prefer-
     ences sheets. In such case, you can disable sheets using following command:

     defaults write com.apple.Preferences UseSheets -bool FALSE

     System Preferences will then use the original dialog-based authorization.


ENTITLEMENT

     Sandboxed PCSC clients require 'com.apple.security.smartcard=YES' entitlement. Non-sandboxed PCSC clients do not require such entitlement (in
     order to keep backward compatibility with macOS < 10.10).


SEE ALSO

     SmartCardServices(7), sc_auth(8), defaults(1), asl.conf(5), ssh-keychain(8)

Mac OS X							  August 5, 2014							  Mac OS X
Related Man Pages
sc_auth(8) - mojave
ssh-keychain(8) - mojave
pcscd(8) - suse
gss(5) - osx
pcscd(8) - osx
Similar Topics in the Unix Linux Community
TA08-150A: Apple Updates for Multiple Vulnerabilities
OpenCT 0.6.15 (Default branch)
TA09-022A: Apple QuickTime Updates for Multiple Vulnerabilities
BASH tr command help
BUY HIGH QUALITY PASSPORTS,IDS,DRIVERS LICENSE,VISAS,SS CARD(paulhooverproduction@gmail.com