This post is about the usage of the .NET SmartCard in Thunderbird. You might want to read Installing and configuring a .NET Smartcard first.
Consideration
It is possible to use the SmartCard with TrueCrypt; however, this does not provide the level of security the card is capable of. This is because TrueCrypt is not able to use the certificates stored on the card. The strong security of the card is based on the fact that the secret portion of the certificate cannot be read from the card and thus cannot be copied. TrueCrypt can use only security tokens, which can be stored on the card. The token can be read and copied by any application that is provided with the PIN of the card.
Anyway, using the security token is typically much safer than using a password.
Configuring the security device
Open TrueCrypt, go to Settings –> Security Tokens
Select the Gemalto PKCS#11 Library. Mine was located at
C:\Program Files (x86)\Gemalto\PKCS11 for .NET V2 smart cards\gtop11dotnet.dll
Set the checkmark for “Close token session (log out) after a volume is successfully mounted”
Loading a token onto the card
Go to Settings –> Default Keyfiles
Press Generate Random Keyfile… and save the generated keyfile
Press Add Token Files… and add the generated keyfile to the card via Import Keyfile To Token…
Make sure you securely delete the generated keyfile from your hard disk now!
Done! Now you can use the keyfile on the SmartCard for container creation and for mounting the volumes.
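One way to carry out the secure-delete step on Windows, as an added example that is not part of the original post: a PowerShell function that overwrites the temporary keyfile in place with random bytes, flushes each pass to disk, and then deletes it. The function name Remove-KeyfileSecurely, the 1 MB size guard and the sample path are assumptions made for this example.

```powershell
# Added example (not from the original post). Names, defaults and the
# sample path are hypothetical.
function Remove-KeyfileSecurely {
    param(
        [Parameter(Mandatory = $true)][string]$Path,
        [int]$Passes = 3,
        [long]$MaxBytes = 1MB   # guard: a keyfile is small, refuse anything larger
    )

    $file = Get-Item -LiteralPath $Path -ErrorAction Stop
    if ($file.Length -gt $MaxBytes) {
        throw "Refusing to wipe '$($file.FullName)': larger than $MaxBytes bytes."
    }

    $rng    = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $stream = [System.IO.File]::Open(
        $file.FullName,
        [System.IO.FileMode]::Open,
        [System.IO.FileAccess]::Write,
        [System.IO.FileShare]::None)
    try {
        $buffer = New-Object byte[] ([int]$file.Length)
        for ($i = 0; $i -lt $Passes; $i++) {
            $rng.GetBytes($buffer)          # fresh random data for every pass
            $stream.Position = 0
            $stream.Write($buffer, 0, $buffer.Length)
            $stream.Flush($true)            # force the write through to the disk
        }
    }
    finally {
        $stream.Dispose()
        $rng.Dispose()
    }

    # Remove the directory entry once the contents have been overwritten.
    Remove-Item -LiteralPath $file.FullName -Force
}

# Usage with a constructed sample path:
# Remove-KeyfileSecurely -Path 'C:\Temp\truecrypt-keyfile'
```

In-place overwriting is only dependable on conventional hard disks; on SSDs, or on volumes with shadow copies or backups, an older copy of the keyfile can survive. Saving the generated keyfile to an already encrypted or throwaway volume before importing it to the card avoids that problem.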