How to enable libpam-poldi, ie. user authentication using OpenPGP smartcards. Tested using Yubikey Neo on Debian 8 (jessie).

Install required packages…

apt-get install libpam-poldi

Configure current key for current user, ie. create entry SERIAL USERNAME to poldi users db.

echo "$(poldi-ctrl -s)  $(whoami)" |sudo tee -a /etc/poldi/localdb/users

Add keys for current device to keydb.

$(poldi-ctrl -k) |sudo tee /etc/poldi/localdb/keys/$(poldi-ctrl -s)

Configure PAM. Append line

auth    sufficient  pam_poldi.so    quiet

to file /etc/pam.d/gdm-password after line

@include common-auth

Of course you might need to configure another file, if configuring other apps than GDM.

Feedback / comments?

Ping me (@ypcs) on Twitter