Difference between revisions of "Smartcard bankId eId"
Line 184: | Line 184: | ||
===Local test=== | ===Local test=== | ||
− | Open | + | * Open Firefox and go to: file:///etc/iid/admin/index.html |
+ | * You should see your e-Id when you plug your card! :) | ||
− | + | ||
+ | ===OnLine test=== | ||
+ | |||
+ | * Open Firefox and go to: https://cve.trust.telia.com/TeliaElegNG/Test | ||
+ | * Allow the plugin to run. | ||
+ | * It will ask for a password. Enter the '''ID password skattverket sent you''' ! | ||
===Skattverket=== | ===Skattverket=== | ||
− | Try to login on skattverket using e-legitimation from Telia. | + | * Try to login on skattverket using e-legitimation from Telia. |
− | + | * Allow the plugin to run. | |
+ | * It will ask for a password. Enter the '''ID password skattverket sent you''' ! | ||
Revision as of 11:34, 7 May 2015
BankId and eId are Swedish identification systems. They are very powerful! :-)
- eId (= official ID card identity) is managed by Telia and work under Linux
- BankId is NOT Linux friendly at all... :( This is not supported officially and it's hard to get it up and running...
To use eId you can use the official Telia reader or any other you like, as long as you have the correct drivers.
This article explains how to use:
- Handelsbanken card reader
- Skatteverket national e-ID
- Handelsbanken bankId
Contents
Linux drivers
Generic USB
First of all, some BankId card readers are not detected automatically...
To resolve that issue you should install libUSB:
apt-get install libusb-dev libusb++-dev
Generic smart-card readers
For BankId and e-Id to work you need both PCSC and OpenSC drivers.
# PCSC driver
apt-get install pcscd
apt-get install libpcsclite1 libpcsclite-dev
apt-get install libpcsc-perl pcsc-tools
# OpenSC driver
apt-get install pcscd opensc
Since we're talking security, you need to install the following security packages:
apt-get install libp11-dev pkcs11-data
apt-get install libnss3-tools
Enable smart-card reader pinpad:
vim /etc/opensc/opensc.conf
# Force the setting to true, no matter what
enable_pinpad = true;
Old 32bits libraries
BankId requires some old 32 bits libraries...
apt-get install iceweasel nspluginwrapper lib32z1
Handelsbanken smart-card reader drivers
Get drivers
You need to download the Handelsbanken card reader drivers:
- Official website (32 bits): https://www.handelsbanken.se/komigang
- Alternate version (64 bits): http://www.henriknordstrom.net/code/SHB/SHB_Deb_1.0.2_64bit.deb
- Personal copy (files has been downloaded 2015-05-07):
Installation
Install the drivers:
# 64 bits
dpkg -i SHB_Deb_1.0.2_64bit.deb
apt-get install -f
First part of the installation is now complete! You must reboot your computer
Installation smart-card reader check
To ensure you can use your smart-card reader, the following test should work:
pcsc_scan -n
You need to plug / unplug the reader and the cards. You should see movement in the console!
e-Id
Telia is the official provider of the e-ID support.
They have a wonderful website: https://cve.trust.telia.com/TeliaElegNG/
Installation
Automatic installation
Add Telia repository:
# Edit repositories list
sudo vim /etc/apt/sources.list
# Add the new repository
deb http://ppa.launchpad.net/ubuntu-se/netid/ubuntu trusty main
# Add repository key
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys F0511E06
# update list of packages
sudo apt-get update
Install the client
sudo apt-get install netid
Manual installation
- Download the latest package from the official website: https://cve.trust.telia.com/TeliaElegNG/NetId
- Extract package and run the installation process:
tar xzvf iidsetup_64.tar.gz
cd iidsetup/
sudo ./install
During the installation, reply yes to the following question:
Should the installation try to install the PKCS#11 module using NSS security toolkit? [Y/n]
Apply changes
Second part of the installation is now complete! You must log-off / log-in or reboot your computer
Test the reader
Local test
- Open Firefox and go to: file:///etc/iid/admin/index.html
- You should see your e-Id when you plug your card! :)
OnLine test
- Open Firefox and go to: https://cve.trust.telia.com/TeliaElegNG/Test
- Allow the plugin to run.
- It will ask for a password. Enter the ID password skattverket sent you !
Skattverket
- Try to login on skattverket using e-legitimation from Telia.
- Allow the plugin to run.
- It will ask for a password. Enter the ID password skattverket sent you !
BankId (community client)
The official Linux BankId support is terrible! ... That the least we can say!...
Fortunately there is a community client available on http://www.fribid.se/
Add the new BankId repository:
# Edit repositories list
sudo vim /etc/apt/sources.list
# Add the new repository
deb http://ppa.launchpad.net/samuellb/fribid/ubuntu trusty main
# Add repository key
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C4A5A0B6
# update list of packages
sudo apt-get update
Install the client
sudo apt-get install fribid
BankId (manual install)
!! Officially BankId is not supported on Linux anymore since 2015-01-01 !!
Following instructions are using a legacy client!
Get BankId package
Get the official Linux installation package: https://install.bankid.com/Download/All
Alternative: Download a copy from 2015-05-07: http://daxiongmao.eu/wiki_upload_files/drivers/BISP-4.19.1.11663.tar.gz
Installation
Requirements
Since BankId client hasn't been updated for a long time, you need to install old GTK packages.
apt-get install overlay-scrollbar-gtk2 unity-gtk2-module
apt-get install gtk2-engines-murrine:i386 libidn11:i386
BankId setup
mkdir BankId
mv BISP-4.19.1.11663.tar.gz BankId/
cd BankId
tar xzvf BISP-4.19.1.11663.tar.gz
cd BISP-4.19.1.11663
sudo ./install.4.XXXXX.sh i
Create symlinks
To use BankId in your browser(s) you need to create a symlink for each of them:
ln -s /usr/local/lib/personal/libplugins.so /usr/lib/firefox-addons/plugins/libplugins.so
Check your BankId card
To ensure you can read and use your BankId card, insert your BankId card and run the following command immediately:
pkcs15-tool -L
You should be able to read certificates.
BankId usage
- BankId shortcut is available in:
/usr/share/applications/personal.desktop
- BankId application is available at:
/usr/local/bin/personal
Sources
e-Id
- official website: https://cve.trust.telia.com/TeliaElegNG/
- Ubuntu community article: https://wiki.ubuntu.com/SwedishTeam/Support/E-legitimation
BankId Linux community:
- http://www.fribid.se/ :-) Big thanks to them!
- Excellent and complete forum thread: https://forums.mageia.org/en/viewtopic.php?f=41&t=4384
Useful articles: