RHEL 7.4 beta is now available, delivering a new version of IPA which contains the support for Smart Card authentication. This feature allows to use a certificate contained in a SmartCard in order to login to IdM WebUI, to ssh to an IdM-enrolled host, or to login to the console or Gnome Desktop Manager of an IdM-enrolled host.
This feature is really powerful but may also seem difficult to troubleshoot. I will explain where to look for additional information when authentication fails, and how to fix the most common issues.
The information is split into posts specific to each authentication method:
- authentication to IdM WebGUI with a SmartCard
- ssh to an IdM host with a SmartCard
- authentication to the system console or Gnome Desktop Manager of an IdM host with a SmartCard
- mapping between a SmartCard certificate and an IdM user