Unix/Linux Go Back    

OpenSolaris 2009.06 - man page for pam_smartcard (opensolaris section 5)

Linux & Unix Commands - Search Man Pages
Man Page or Keyword Search:   man
Select Man Page Set:       apropos Keyword Search (sections above)

pam_smartcard(5)	       Standards, Environments, and Macros		 pam_smartcard(5)

       pam_smartcard - PAM authentication module for Smart Card


       The  Smart Card service module for PAM, /usr/lib/security/pam_smartcard.so, provides func-
       tionality to obtain a user's information (such as user name  and  password)  for  a  smart
       card.  The  pam_smartcard.so  module  is a shared object that can be dynamically loaded to
       provide the necessary functionality upon demand. Its path is specified in the PAM configu-
       ration file pam.conf. See pam.conf(4).

   Smart Card Authentication Module
       The Smart Card authentication component provides the pam_sm_authenticate(3PAM) function to
       verify the identity of a smart card user.

       The pam_sm_authenticate() function collects as user input the PIN number. It  passes  this
       data  back  to  its underlying layer, OCF, to perform PIN verification. If verification is
       successful, the module returns PAM_SUCCESS, and passes the username and password from  the
       smart card to PAM modules stacked below.pam_smartcard.

       The following options can be passed to the Smart Card service module:

       debug	  syslog(3C) debugging information at LOG_DEBUG level.

       nowarn	  Turn off warning messages.

       verbose	  Turn on verbose authentication failure reporting to the user.

   Smart Card Module Configuration
       The  PAM smart card module (pam_smartcard) can be configured in the PAM configuration file
       (/etc/pam.conf).  For example, the following configuration on on the desktop (Common Desk-
       top Environment) forces a user to use a smart card for logging in.

       The  following  are typical values set by 'smartcard -c enable', if the command is applied
       to the default configuration.

	 dtlogin	 auth requisite 	 pam_smartcard.so.1
	 dtlogin	 auth required		 pam_authtok_get.so.1
	 dtlogin	 auth required		 pam_dhkeys.so.1

	 dtsession	 auth requisite 	 pam_smartcard.so.1
	 dtsession	 auth required		 pam_authtok_get.so.1
	 dtsession	 auth required		 pam_dhkeys.so.1

       smartcard(1M),	libpam(3LIB),	pam(3PAM),    pam_authenticate(3PAM),	 pam_start(3PAM),
       pam.conf(4),	 pam_authtok_check(5),	    pam_authtok_get(5),     pam_authtok_store(5),
       pam_dhkeys(5), pam_passwd_auth(5),  pam_unix_account(5),  pam_unix_auth(5),  pam_unix_ses-

       The  pam_unix(5)  module  is  no  longer  supported.  Similar functionality is provided by
       pam_authtok_check(5),	 pam_authtok_get(5),	 pam_authtok_store(5),	   pam_dhkeys(5),
       pam_passwd_auth(5), pam_unix_account(5), pam_unix_auth(5), and pam_unix_session(5).

SunOS 5.11				   24 Oct 2002				 pam_smartcard(5)
Unix & Linux Commands & Man Pages : ©2000 - 2018 Unix and Linux Forums

All times are GMT -4. The time now is 02:58 PM.