Secure print?

[Helge Blischke]

franz. pfoertsch. brose wrote:

>> At the CUPS site, look into the documentation regarding ppdc and
>> ppdcfiles. And, in most cases, you'll need to make a filter specific to
>> make and model to deal with the PPD extensions for "secure printing".
>> But be qware that querying for username and password or the like will be
>> a challenge with respect to security considerations on the job
>> originating host. Especially on systems where CUPS runs in a sandbox (as
>> in Mac OS X 10.6 and higher) you probably need a helper application to do
>> that.
>>
>> Helge
>>
>>
> I know the ppdc compiler, but the compiler does not suppor JCL-code, so I
> open http://www.cups.org/str.php?L4115 to support the missing. But all of
> this code is depricated. Support should be done by openprinting.org.
> 
> You are right with the security considerations!
> 
> But nobody is able to expand the gui with the missing extensions.
> PPD's only supports 'Pickone' and 'Boolean', we need the 'Password' and so
> on.
> 
> regards
> Franz

One more issue to consider:
The (usual) username / password combo is often converted to an encrypted 
credential based on proprietary algorithms, and the proprietary software to 
do that is often only available on Windows.

What I have done (for some KonikaMinolta Bizhub printers) was:
- set up a fake printer on Linux which "prints" to a file but with the 
  original printer's PPD.
- set up this printer on a Windows box using the original installer but set 
  up a connection to the Linux fake printer using Samba
- did a secure test print for every username / password combo I needed
- copied the encrypted strings together with an identification into a 
  filter specific to this printer make and model.

I must admit that this approach is only feasible if the number of 
credentials to be handled is fairly small.

Helge