From owner-freebsd-questions@FreeBSD.ORG  Sun Mar 24 08:31:17 2013
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id F064B14F3
 for <freebsd-questions@freebsd.org>; Sun, 24 Mar 2013 08:31:17 +0000 (UTC)
 (envelope-from tomek.cedro@gmail.com)
Received: from mail-qe0-f51.google.com (mail-qe0-f51.google.com
 [209.85.128.51]) by mx1.freebsd.org (Postfix) with ESMTP id B77E8652
 for <freebsd-questions@freebsd.org>; Sun, 24 Mar 2013 08:31:17 +0000 (UTC)
Received: by mail-qe0-f51.google.com with SMTP id nd7so2967147qeb.10
 for <freebsd-questions@freebsd.org>; Sun, 24 Mar 2013 01:31:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:x-received:sender:in-reply-to:references:date
 :x-google-sender-auth:message-id:subject:from:to:cc:content-type;
 bh=rnO+FBerrXvgwVEqoht9VjWiMyfvy9D+8v5anwuekUo=;
 b=Tgri7hzafygynwDaywj0C9+rtbOM32DF6NCws+5zhrTsJvOv2Ed1RBpdzhYeOa6Rt4
 5ULqW8/Ew0DWAUEFTXBanhRx1LGk57sts/uP9U2KCCebF/ZghJEf7/bpoycqoeD7+kxu
 SdlGWe7LybvYMzfQxidrM1r0eRoFrrqIm2a/T/f/evYjTIzerErcQnkNgHfDkdG2/tL1
 czGznn/zOw5wsMCphkeWZoL6NTpg0QApO07XIFhcgmarK5Hng4Ga3O5UOYRAJst6Cq3/
 dF2KNDYK7ojJCS06DQ3yWnbkl5q2f1NXlMWMg5biUhc7hMqFQqCAlm25vsseUXm/+Auo
 UKlQ==
MIME-Version: 1.0
X-Received: by 10.49.34.140 with SMTP id z12mr2812277qei.10.1364113870922;
 Sun, 24 Mar 2013 01:31:10 -0700 (PDT)
Sender: tomek.cedro@gmail.com
Received: by 10.49.132.98 with HTTP; Sun, 24 Mar 2013 01:31:10 -0700 (PDT)
In-Reply-To: <20130324092248.76809163.freebsd@edvax.de>
References: <B2DC7342-9F1A-489A-94F0-49802B1E5DF6@lafn.org>
 <CAFYkXjmc47oaCkMMF40oNM3Zsk=L1x6HeyUhYY2pRMfgKf-UZg@mail.gmail.com>
 <85D3DEE2-3E4E-4B68-87B0-6B946F15581C@lafn.org>
 <20130324092248.76809163.freebsd@edvax.de>
Date: Sun, 24 Mar 2013 09:31:10 +0100
X-Google-Sender-Auth: l1jtf8V6DfEh6aYN4Le1nAxONds
Message-ID: <CAFYkXjk2DXS8T-HGUU38rHu3eHsfF5x6m2mOBgZhoZ_HJczqaw@mail.gmail.com>
Subject: Re: Client Authentication
From: CeDeROM <cederom@tlen.pl>
To: Polytropon <freebsd@edvax.de>
Content-Type: text/plain; charset=UTF-8
Cc: "freebsd-questions@freebsd.org List" <freebsd-questions@freebsd.org>
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Mar 2013 08:31:18 -0000

Certificate + Password/PIN should be okay. You can maybe create a
policy for the target system to enable a screensaver to block the
screen after short period that will force user to enter his/hers
password..? I know in theory all seems easy :-) :-) Good luck! :-)

-- 
CeDeROM, SQ7MHZ, http://www.tomek.cedro.info