Mount Aladdin eToken in Firefox on Archlinux

Mount Aladdin eToken in Firefox on Archlinux

Do you like our work......we hire!

Never miss our publications about Open Source, big data and distributed systems, low frequency of one email every two months.

Given you’re on Archlinux and have an Aladdin eToken, let’s see how we can mount it in Firefox for web authentication.

An Aladdin eToken is a cryptographic device (token, smart card) that stores digital certificate and keys. It can be used to authenticate a given profile on company access portals. I found a lot of articles on how to set it up on Ubuntu. Unfortunately, the steps are different for my Archlinux machine, so here it goes.

First, you’ll need to install the following packages with your preferred package manager:

  • Opensc - Smart card tools and libraries
  • Openct - Driver implementations for smart cards
  • SAC-core - Safenet Authentication Client for Alladin eToken core package

With yay:

yay -S opensc openct sac-core

Once you’re done, you need to activate the pcscd service:

sudo systemctl enable pcscd.service 
sudo systemctl start pcscd.service

With this you should be able to detect the token, plug it and run the following command:

opensc-tool -l

If your token is detected you should get this output:

# Detected readers (pcsc)
Nr.  Card  Features  Name
0    Yes             [eToken name]

Now let’s move on to Firefox: we are going to manually load the PKCS11 library installed with the opensc and openct packages.

Start the browser (the token needs to be inserted before starting Firefox, otherwise it will crash) and follow these steps:

  • Open the Firefox preferences dialog
  • Choose “Privacy and Security” > “Certificates > “Security Devices”
  • Choose “Load”
  • Enter a name for the security module, such as “Local PKCS#11”
  • Choose “Browse…” and load “/usr/lib/”

Now the module is loaded and Firefox should detect your eToken.

You can open it by going back to the security devices preference section, select the line of your eToken below the module you just loaded, and click on “Log in”. Firefox will ask you for the password and you’re all done. The eToken’s certificate will appear in the list to choose when authenticating.

Share this article

Canada - Morocco - France

We are a team of Open Source enthusiasts doing consulting in Big Data, Cloud, DevOps, Data Engineering, Data Science…

We provide our customers with accurate insights on how to leverage technologies to convert their use cases to projects in production, how to reduce their costs and increase the time to market.

If you enjoy reading our publications and have an interest in what we do, contact us and we will be thrilled to cooperate with you.

Support Ukrain