Thank you for responding, Obviously I cannot say too much about the project though, but what I can say is this: (I know it sounds a bit like a "sci-fi" movie :-) )
Only a few employees would be required to use this authentication method, (the ones working on the sensitive information). And only these employees would go through the "secure room" everytime they pitch up for work. I know that the last-modified date can be tampered with, so instead of using human readable files, I would do something like in MySQL (when you want to "encrypt" passwords, you use any word (refered to as "salt"), to "encrypt" a password. And everytime you want to access that particular "encrypted" file, you must supply the "salted" word otherwise you can forget about decrypting it. Or else I would just use one of the available encryption methods. Anyway, the idea also is to not allow an employee to be in possession of the same SD card for longer than 2 days. And it will be required of them to change their access details at least twice a week. I just needed to know if OpenBSD would be able to detect the reader, and read and write to the SD card. I have convinced my employer to use OpenBSD, and so far everything is geared towards OpenBSD. So if you guys tell me that OpenBSD will not be able to detect the USB reader and read/write to the SD cards, then I might be in a bit of trouble. Linux (in all it's forms) is totally out of the question. FreeBSD was also an option, but I went for OpenBSD because of it's "obscurity" and security. I didn't choose USB, USB chose me. Nowadays almost nothing has a parallel port or serial port connected to it, not even mentioning PS/2. The other day I read that even sound cards are going the USB way (strange but true). Any way Please continue posting your help and suggestions. (If there is any other way I can do this "authentication", I would be too glad to hear about it) -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nick Guenther Sent: Saturday, February 11, 2006 10:41 PM To: misc@openbsd.org Subject: Re: OpenBSD USB question On 2/11/06, Danny <[EMAIL PROTECTED]> wrote: > Good Day, > > Background: > > I am busy with a project whereby all employees will be authenticated > with their own SD cards. Read more about the cards here: > http://www.sandisk.com/Products/Catalog(1039)-SanDisk_SD_Cards.aspx > > The user will enter a secure room, insert his/hers SD card into a card > reader, type in his/hers username, password and id (and maybe some > other requested info), and if the information corresponds to the info > on the SD card, the employee could then enter the building. > Interesting! When you get it finished it would be nice if you post a full summary here for the record. > Also the card will be checked for tampering by means of last access > date or something along that line. That is why we cannot use normal > magnetic I.D cards. Can't the last access date be modified though? > I know the SD cards are small, and people can loose them, but I was > told to go with SD cards. I think maybe because SD cards can be > instantly wtite to, and information can be changed quicker than with a > magnetic card > for instance. > > I would like to know if OpenBSD will be able to recognise and access > the SanDisk ImageMateR 12-in-1 Reader/Writer SDDR-89. > > More info on this piece of hardware can be found here: > http://www.sandisk.com/Products/Item(1145)-SDDR-89-SanDisk_ImageMate_1 > 2i > n1_ReaderWriter.aspx I remember reading that that particular device is supported, but I don't remember where. Sorry. Anyway, it's easy enough to test: startup the install media but stop it at the boot> prompt (just bash random keys) and then key in "boot cd0c:/3.8/i386/bsd" and hit enter (I think, you will have to tailor the cd0c part to match up with the device you are booting from, and the path to match up with the kernel you are booting from). This will bring up the full GENERIC kernel with all the drivers loaded. Then just plug in one of the readers and watch the blue text that comes up. if it says something like "not configured" then you're out of luck, but otherwise it will probably list of several devices that it's just installed. Plug in an SD card and it should display something like "sd0: gfdgfdgfdgfdgfdgfdgfdg". Do 'mount /dev/sd0 /mnt' to access the card then. Of course I could be totally wrong. -Kousu
