Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

pam_pkcs11(8) [centos man page]

pam_pkcs11(8)						    System Administration tools 					     pam_pkcs11(8)

NAME
pam_pkcs11 - PAM Authentication Module for PKCS#11 token libraries SYNOPSIS
pam_pkcs11.so [debug] [configfile=<configfile>] DESCRIPTION
This Linux-PAM login module allows a X.509 certificate based user login. The certificate and its dedicated private key are thereby accessed by means of an appropriate PKCS #11 module. For the verification of the users' certificates, locally stored CA certificates as well as either online or locally accessible CRLs are used. CONFIGURATION
The program that needs a PAM service should be configured in /etc/pam.conf or /etc/pam.d/<servicename>. pam_pkcs11 can be used in the <auth> PAM chain. For details on how to configure PAM services, see the PAM documentation for your system. This manual does not cover PAM configuration details. The existing PAM service definitions for other applications on your system is also a good source for examples on how to configure a PAM service. FILES
/etc/pam_pkcs11/pam_pkcs11.conf /usr/lib/pam_pkcs11/*_mapper.so AUTHOR
Original PAM-pkcs11 was written by Mario Strasser <mast@gmx.net>. Newer versions are from Juan Antonio Martinez <jonsito@teleline.es>. REPORTING BUGS
Report bugs ideas, comments, bug-fixes and so to: Juan Antonio Martinez <jonsito@teleline.es> SEE ALSO
pam(8), pam_pkcs11.conf(5), PAM Systems Administrator Guide, README.mappers file, PAM-PKCS#11 User Manual. Mario Strasser 15-Feb-2005 pam_pkcs11(8)

Check Out this Related Man Page

pkcs11_inspect(1)						    PAM PKCS#11 						 pkcs11_inspect(1)

NAME
pkcs11_inspect - print certificate contents SYNOPSIS
pkcs11_inspect [debug] [config_file=<filename>] DESCRIPTION
pkcs11_inspect uses the pam_pkcs11 library infrastructure to get the content of a certificate and display it. pkcs11_inspect uses the same configuration file and arguments than pam_pkcs11(8) PAM module. It loads defined mapper modules, and use them to look into the certificate for required entries (ie: ms_mapper looks for ms UPN entries, and so on). When a mapper module finds a proper entry in the certificate, it converts to UTF-8 and print it to stdout. OPTIONS
debug Enable debugging output. config_file=<filename> Sets the configuration file to use. Default value is /etc/pam_pkcs11/pam_pkcs11.conf. As it uses the same configuration file as pam_pkcs11, all pam_pkcs11 options are also available. Note that some of them have no sense in a non-PAM environment, so they will be ignored. Some mapper options (mapfile, ignorecase) have no effect on certificate contents, so they will be ignored too. RETURN VALUE
On success pkcs11_inspect prints on stdout all certificate contents that are found for mappers and returns 0. On error it returns 1. FILES
/etc/pam_pkcs11/pam_pkcs11.conf EXAMPLES
To run this program the standard way, insert a smart card in the reader and type: pkcs11_inspect Alternatively you can specify options: pkcs11_inspect debug config_file=${HOME}/.pam_pkcs11.conf AUTHORS
Juan Antonio Martinez <jonsito@teleline.es> SEE ALSO
pam_pkcs11(8), pklogin_finder(1) PAM-PKCS11 User Manual Juan Antonio Martinez Aug 2005 pkcs11_inspect(1)
Man Page

8 More Discussions You Might Find Interesting

1. AIX

PAM and aix

Does any one know how to get aix 5.3 pam working .. Is there any pathc to make it work (0 Replies)
Discussion started by: ayeshaseerin
0 Replies

2. Red Hat

PAM -- module key_init.so

Hello, I'm now analysing the working of PAM. PAM works with config-files, that you can find under the directory /etc/pam.d. One of those config.-files is the file: login.conf. ------------------------------------------------------------------------------------------------------ #... (0 Replies)
Discussion started by: caroline
0 Replies

3. UNIX for Dummies Questions & Answers

Path to Linux / Unix Systems Administrator

Hello! I have seen similar questions asked about how to become a system administrator. Most would say experience is more important than just getting a certificate and even a degree. However, I haven't found a good information how to build experience from a newbie to entry-level systems... (8 Replies)
Discussion started by: sideburn
8 Replies

4. UNIX for Advanced & Expert Users

PAM and vsftp interaction

If I use to PAM to validate a vsftp user using a remote service to do the validation and the user does not exist on the system locally, then what becomes the home directory for the user logging in via vsftp? Assuming that chroot_user_list is enable to limit all users to their home directory. (0 Replies)
Discussion started by: ChrisC
0 Replies

5. Red Hat

PAM: Unlock user account after 30mins

Hi We have these specific requirements for a bunch of servers we have and cannot seem to get pam to behave in this way. We would like: PAM locks accounts if pam tally reaches 10. PAM unlocks the account after 30mins from locking it, and resets the pam_tally. The key is that we don't... (0 Replies)
Discussion started by: snoop2048
0 Replies

6. SuSE

Authentication with PAM

Hello all, I recently updated PAM policy files (pam_authz.policy) on HP-UX Servers with AD groups involving allowing and denying the certain groups.. Could anyone tell me what is the equivalent mechanism in SLES(Linux)? Is it possible to allow/deny AD group access with the SLES LDAP... (0 Replies)
Discussion started by: lcclaj0
0 Replies

7. UNIX for Advanced & Expert Users

Configure samba with PAM point 2 different LDAP

Hi, I would like to configure samba with PEM (with LDAP). I've already found, on the server, configured the PAM Authentication(with LDAP) for ssh. I wanted to know if it was possible to configure PAM for to authenticate to another LDAP only for SAMBA. Is possibile duplicate the... (2 Replies)
Discussion started by: mark888
2 Replies

8. Linux

How to configure FTPS service on Linux 7.2?

Hey Guys, I need to know , how to configure the FTPS service on Linux 7.2 OS. Please advise. Thanks (0 Replies)
Discussion started by: anil1000
0 Replies

Featured Tech Videos