Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Question] smart card support #993

Open
choman opened this issue Jan 10, 2018 · 7 comments
Open

[Question] smart card support #993

choman opened this issue Jan 10, 2018 · 7 comments
Labels
smartcard

Comments

@choman
Copy link

choman commented Jan 10, 2018

Trying to follow along with a few issues #471 #963 (and others)

I am using centOS 7.4 with xrdp .0.9.4, is there any support for smart cards with this configuration?
And if so can someone please tell me how to turn it on for logins?

It seems support has been around since 0.8.0, hopefully with 0.9.4 I don't need to compile the "special"
libpcsclite.so.

Or do I need to wait for 0.9.6 (or 1.0) for support to be there?

Thanks in advance
Chad
@x09
Copy link

x09 commented Jan 30, 2018

i need smart card redirection too.
try connect

xfreerdp /smartcard:'ACS ACR3901 ICC Reader 00 00' /v:xrdp-host /sec:rdp /u:user2
[17:41:59:879] [10970:10971] [INFO][com.freerdp.client.common.cmdline] - loading channelEx rdpdr
[17:41:59:879] [10970:10971] [INFO][com.freerdp.client.common.cmdline] - loading channelEx rdpsnd
[17:41:59:889] [10970:10971] [WARN][com.freerdp.core.gcc] - Server uses non-advertised encryption method 0x00000000
[17:41:59:890] [10970:10971] [ERROR][com.winpr.timezone] - Unable to get current timezone rule
[17:41:59:892] [10970:10971] [INFO][com.freerdp.gdi] - Local framebuffer format  PIXEL_FORMAT_BGRX32
[17:41:59:892] [10970:10971] [INFO][com.freerdp.gdi] - Remote framebuffer format PIXEL_FORMAT_RGB16
[17:41:59:904] [10970:10971] [INFO][com.winpr.clipboard] - initialized POSIX local file subsystem
[17:41:59:906] [10970:10976] [INFO][com.freerdp.channels.rdpdr.client] - Loading device service smartcard [ACS ACR3901 ICC Reader 00 00] (static)
[17:42:03:075] [10970:10977] [ERROR][com.freerdp.channels.rdpsnd.client] - unknown msgType 39
[17:42:03:076] [10970:10976] [INFO][com.freerdp.channels.rdpdr.client] - registered device #1: SCARD (type=32 id=1)
[17:42:03:195] [10970:10976] [INFO][com.freerdp.channels.rdpdr.client] - registered device #1: SCARD (type=32 id=1)

in xrdp session smart card not present..

@cro
Copy link

cro commented Feb 23, 2018

Data point, the official Microsoft RDP client for macOS now supports smart card redirection. This is the 10 series, not the older 8 series--you have to install it from the App Store explicitly. If you have the older version 8 you are not notified there is an update.

I haven't tried this against the devel branch of xrdp yet, maybe this weekend.

@bogenchief2710
Copy link

Is there any configuration required in the configuration files xrdp.ini and sesman.ini for smartcard pass through?

@cjbidwell
Copy link

Did anything ever come of this? Still need to get CAC/Smart Card on xrdp working.

@cro
Copy link

cro commented Jul 29, 2021

I tried the devel branch and it did not work for me. Later on I gave up using my Yubikey when its hardware failed in the middle of a customer demo, so I haven't revisited it.

@matt335672
Copy link
Member

This is being worked on, but it's not there yet - have a look at #1825

@spstarr
Copy link

spstarr commented Apr 13, 2023

Ping on this, 2FA is becoming more and more required and should be for security. The xfreerdp/remmina clients have pcscd support currently.

What are the current remaining issues still to be sorted out?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
smartcard
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@cro @metalefty @x09 @spstarr @choman @cjbidwell @matt335672 @bogenchief2710