Ok, I think I have figured it out. Apparently it was the random tinkering that did it and not what I mentioned above. But I have been able re-tinker the randomness after a clean install of Jaunty.
Hopefully this isn't only my application-specific instructions. But if it is, rest assured that this will allow you to VPN into AFIT's servers and then rdesktop to one of the terminal servers using only your DoD CAC and pin.
And since this seems to be a thread to only me and myself, I imagine no one will mind me laying out the steps here so I can re-do again in the future.
The steps are a compilation from two websites:
http://symbolik.wordpress.com/2007/0...ders-on-linux/
http://symbolik.wordpress.com/2007/0...-rdesktop-15x/
And just in case these links ever die, here's what they say (with the appropriate credit due):
# Download the following tarball files and extract them (tar xvfz filename.tar.gz):
* libusb - Project URL:”
http://libusb.sourceforge.net/”
* pcsc-lite - Project URL:”
http://pcsclite.alioth.debian.org/”
* pcsc-tools - Project URL:”
http://ludovic.rousseau.free.fr/softwares/pcsc-*tools/“
* ccid - Project URL:”
http://pcsclite.alioth.debian.org/ccid.html“
* CoolKey - Project URL:”
http://directory.fedora.redhat.com/wiki/CoolKey“
# Make the install directories, along with a critical build-time directory - “mkdir -p /usr/cac/lib/pkgconfig”
# Set the build variable - “declare -x PKG_CONFIG_PATH=/usr/cac/lib/pkgconfig” - this is only needed for building, not later using these tools.
# Change to the respective directories and configure/make/make install:
* cd libusb0.1.12 && ./configure –prefix=/usr/cac && make && make install, then cd up one directory
* cd pcsclite1.4.0 && ./configure –prefix=/usr/cac && make && make install, then cd up one directory
* cd pcsctools1.4.8 && edit “Makefile” - change “DESTDIR” to “/usr/cac” && make && make install, then cd up one directory
* cd ccid1.2.1 && ./configure –prefix=/usr/cac && make && make install, then cd up one directory
* cd coolkey-1.1.0 && ./configure –prefix=/usr/cac && make && make install, then cd up one directory
In continuing to integrate CAC into Linux, I went to the RDesktop SourceForge CVS website, followed the cvs download directions (using “rdesktop” as the modulename), and downloaded the latest version of rdesktop, which is supposed to have smartcard reader support. This piggybacks off of the installation of the CAC reader software in the previous post.
Once downloaded, cd to the rdesktop directory and do the following:
1. Run the command “declare -x PKG_CONFIG_PATH=/usr/cac/lib/pkgconfig”
2. “./configure –prefix=/usr/cac –enable-smartcard” - look for the line, “checking for PCSCLITE:” - it should say “yes” (thanks to the previous “declare” command)
3. make && make install
4. Run with “rdesktop -r scard <remote IP>:<remote port>
Also, keep in mind that I did this after following the instructions on this link. So I have no idea if the following is redundant or overwrites what I previously did. Hopefully someone else can figure that out.
Now for the nifty code stuff that I actually ran after extracting all the files to their directories in my home/user directory (with updated version numbers than in the above quotes):
Code:
sudo mkdir -p /usr/cac/lib/pkgconfig
Code:
declare -x PKG_CONFIG_PATH=/usr/cac/lib/pkgconfig
Code:
cd libusb-1.0.0 && ./configure --prefix=/usr/cac && make && sudo make install && cd
Code:
cd pcsc-lite-1.5.3 && ./configure --prefix=/usr/cac && make && sudo make install && cd
Code:
cd pcsc-tools-1.4.15 && gedit Makefile
****Not code but text changes inside Makefile****
change “DESTDIR” to “/usr/cac”
****code continues****
./configure --prefix=/usr/cac && make && sudo make install && cd
Code:
cd ccid-1.3.10 && ./configure --prefix=/usr/cac && make && sudo make install && cd
Code:
cd coolkey-1.1.0 && ./configure --prefix=/usr/cac && make && sudo make install && cd
Code:
cd rdesktop-1.6.0 && declare -x PKG_CONFIG_PATH=/usr/cac/lib/pkgconfig && ./configure --prefix=/usr/cac --enable-smartcard && make && sudo make install && cd
That's it. If you then VPN in and run:
Code:
rdesktop -r scard <remote IP>:<remote port>
you should have CAC login ability to a terminal server.
Or for a full-screen (toggle with CTRL - ALT - ENTER):
Code:
rdesktop -fr scard <remote IP>:<remote port>
Also, I found out that in order to get my VPN with Cisco Anyconnect working, I needed the latest JRE and java plugin:
Code:
sudo apt-get install sun-java6-jre sun-java6-plugin
Otherwise the Anyconnect would just sit there and then fail.
Well, hopefully I have properly captured the random tinkering I did to accomplish this from a fresh install. And if anyone else reads this thread with a similar problem, I hope it works for you.
Bookmarks