通过 rdp (Raspberry) 使用智能卡 [英] Using smartcard through rdp (Raspberry)
问题描述
我展示了我的设置,然后我展示了问题:
Hi I present my setup and then I show the problems:
Raspberry Pi Model 2(客户端 RDP)-----------> 台式机 DELL(服务器 RDP)
Raspberry Pi Model 2 (Client RDP) -----------> Desktop DELL (Server RDP)
SO:Raspbian Wheezy -------------------------> SO:Windows 7
SO: Raspbian Wheezy -------------------------> SO: Windows 7
智能卡读卡器集成在连接到 Raspberry 的戴尔键盘中.
Smartcard reader integrated in DELL Keyboard connected to Raspberry.
现在的问题:当我在主机(Desktop DELL)中使用智能卡读卡器时,连接了键盘并在其中引入了 DNIe(西班牙身份证件)功能.我可以转到我的资源管理器并查看证书.
Now the problem: When I use the smartcard reader in the host (Desktop DELL) with the keyboard connected and with DNIe (spanish identity document) introduced in it functions. I can go to my explorer and I see the certificates.
现在我连接到 Raspberry 并通过 RDP 在 Raspberry 的屏幕中看到主机(Windows 7)的屏幕.然后我将 DNIe 连接到智能卡读卡器插槽中,但键盘上没有显示灯.(当我在主机桌面上连接它时,它显示一个绿色信号,表示检测到卡.我也在远程会话中打开资源管理器,没有出现任何证书,我无法签署国家提供给我们的测试使用 DNIe 测试签名.
Now I connect to the Raspberry and via RDP I see the screen of the host (Windows 7) in Raspberry's screen. Then I connect the DNIe in the smartcard reader slot but no light is showed in the keyboard. (When I connect it in the host desktop it shows a green signal meaning the card is detected. I also open the explorer in the remote session and don't appear any certificate and I can't sign the test that the State provide us to test the signature with DNIe.
我在其他网站上看了很多意见,大家都说通过rdp连接是不可能的,是真的还是有解决办法?
I read a lot of opinions in other websites and everyone says that it's not possible to do that when you are connected via rdp, that's true or there is a solution to this problem?
推荐答案
您的问题很可能是由代表 PC/SC 层(提供对智能卡读取器的访问的低级子系统)在 MS Windows 中.当 winscard.dll 检测到 RDP 会话打开时,它会禁用对本地读取器的访问,将所有调用重定向到远程客户端,并通过这样做有效地仅提供对连接到 RDP 客户端计算机的读取器的访问.
Your problem is most likely caused by a built-in feature of winscard.dll library which represents PC/SC layer (low level subsystem providing access to the smartcard readers) in MS Windows. When winscard.dll detects there is an RDP session open, it disables access to the local readers, redirects all calls to the remote client and by doing this it effectively provides access only to the readers connected to the RDP client machine.
我知道可以防止 PC/SC 重定向的三种解决方案:
I am aware of three solutions that can prevent PC/SC redirection:
- 不要使用 RDP.这是最简单、最便宜和最干净的解决方案.真的!
- 请您的卡供应商将中间件中的 PC/SC (winscard.dll) 替换为其他内容.祝你好运!
- 强烈反对:您可以破解您的 winscard.dll 库并禁用重定向功能.
- Don't use RDP. This is the EASIEST, CHEAPEST and CLEANEST solution. Really!
- Ask your card vendor to replace PC/SC (winscard.dll) in middleware with something else. Good luck with that!
- STRONGLY DISCOURAGED: You can hack your winscard.dll library and disable redirection feature.
就我个人而言,我始终坚持第一个选项 - 最简单、最便宜和最干净的解决方案.
Personally I always stick with the first option - easiest, cheapest and cleanest solution.
这篇关于通过 rdp (Raspberry) 使用智能卡的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
