Configuring the smart card reader

The Autonomic Health Advisor File System (AHAFS) provides an event monitoring framework in the AIX® operating system. The /usr/local/sbin/pmfa_hotplug_usb program uses this AHAFS framework to dynamically discover USB smart card devices and to monitor them for card insertion and removal events. The pmfa_hotplug_usb program starts and stops the pcscd PC/SC smart card reader daemon when events occur.

Attention: Make sure the smart card is not in the reader when the session is locked and any of following conditions occur. Otherwise, the login may try to use the smart card PIN as the password and thereby invalidate the smart card after some number of failed attempts.
  • Password fallback is enabled and the login falls back to your password.
  • You need to use your password to log in.
  • The root user logs in with a password to unlock the session.
The pmfa_hotplug_usb program is implemented as a service called pmfahotplugd. To configure the smart card reader, complete the following steps on the AIX system that has the card reader attached to a USB port:
  1. Ensure that the bos.ahafs file set is installed. The IBM® PowerSC MFA installation creates the /aha directory, and mounts the AHAFS file system on it.
  2. Ensure that the pmfahotplugd service is running. The pmfahotplugd service starts at every system reboot. 
    lssrc -s pmfahotplugd
  3. If the pmfahotplugd service is not running, start it: 
    startsrc -s pmfahotplugd
  4. Physically plug in the smart card reader.
  5. Insert the smart card in to the smart card reader.