The Fellowship / Fellows / greve / freedom bits / Ubuntu to be first "Fellowship Ready" Distribution?

Ubuntu to be first "Fellowship Ready" Distribution?

greve

Wednesday 23 August 2006

From the very beginning, the idea of the Fellowship was to create space for a digital community in which people would work together on various issues related to freedom in a digital society, especially Free Software. Now Lukas Fittl from Austria has just once more demonstrated the point by picking up a task that I had been thinking about recently: Simplifying the udev rules for the Fellowship crypto card, which were still somewhat cludgey from the early days of the Fellowship. Excellent!

The rules he published in his blog are indeed the best version thus far. So let me contribute to the effort:

There is one more USB smart card reader by SCM that works with GnuPG and has the product ID e001. After adding that to Lukas' configuration, my /etc/udev/gnupg-ccid.rules looks as follows:

ACTION!="add", GOTO="gnupg-ccid_rules_end"

# USB SmartCard Readers
## SCM readers (SCR335, SPR532, & Co)
ACTION=="add", SUBSYSTEM=="usb_device", SYSFS{idVendor}=="04e6", SYSFS{idProduct}=="e001", GROUP="scard", MODE="0660"
ACTION=="add", SUBSYSTEM=="usb_device", SYSFS{idVendor}=="04e6", SYSFS{idProduct}=="e003", GROUP="scard", MODE="0660"
ACTION=="add", SUBSYSTEM=="usb_device", SYSFS{idVendor}=="04e6", SYSFS{idProduct}=="5115", GROUP="scard", MODE="0660"

# PCMCIA SmartCard Readers
## Omnikey CardMan 4040
SUBSYSTEM=="cardman_4040", GROUP="scard", MODE="0660"

LABEL="gnupg-ccid_rules_end"

Trying it on two different machines (both running Debian GNU/Linux "etch"), I can confirm that these rules work for one USB card reader (the one with the e001 product id) and a PCMCIA Omnikey CardMan 4040 here. So the rules look good.

We should check out whether there is other devices that work with the current kernels and versions of GnuPG, so if you have other smart card hardware around, now would be a good time to build a database of supported devices -- which would then allow all of them to be used out of the box with coming GNU/Linux distributions.

Because this is the next important step: Having distributions be "Fellowship Ready" in the sense of supporting smart cards out of the box without additional configuration. That will allow more people to take control of their data and privacy easily, and also make it possible to simply plug our smart cards into machines anywhere to have secure remote logins. So this is a very useful initiative.

Thanks to Lukas it appears that Ubuntu might be the first "Fellowship Ready" distribution, and I certainly hope it won't be the last.

This work is licensed under a Creative Commons Attribution-ShareAlike 2.5 License.

Comments

Support for Omnikey CardMan 5121

moritz

Saturday 09 June 2007

adding the following line works for my reader, which is a CardMan 5121 from Omnikey.

ACTION=="add", SUBSYSTEM=="usb_device", SYSFS{idVendor}=="076b", SYSFS{idProduct}=="5121", GROUP="scard", MODE="0660"

(one line)

Patch sent to Ubuntu/Debian maintainer

lfittl

Friday 25 August 2006

Thanks for your feedback and the updated rules Georg, I just sent the patch to James Troup, the Debian/Ubuntu maintainer for the gnupg package. Hopefully he will find time to review and upload it before the Ubuntu Feature Freeze in 2 weeks, otherwise we would have to wait until the next Ubuntu release (edgy+1). Adding additional rules later should be easy, so everybody else: Simple send them by mail to me, or write about them here, as long as I can find them I will try to add them.

Log in or join the Fellowship to post comments.

Fellow Events

Selected Day Today