freebsd man page for pam_opieaccess

Query: pam_opieaccess

OS: freebsd

Section: 8

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

PAM_OPIEACCESS(8)					    BSD System Manager's Manual 					 PAM_OPIEACCESS(8)

NAME
pam_opieaccess -- OPIEAccess PAM module
SYNOPSIS
[service-name] module-type control-flag pam_opieaccess [options]
DESCRIPTION
The pam_opieaccess module is used in conjunction with the pam_opie(8) PAM module to ascertain that authentication can proceed by other means (such as the pam_unix(8) module) even if OPIE authentication failed. To properly use this module, pam_opie(8) should be marked ``sufficient'', and pam_opieaccess should be listed right below it and marked ``requisite''. The pam_opieaccess module provides functionality for only one PAM category: authentication. In terms of the module-type parameter, this is the ``auth'' feature. It also provides null functions for the remaining module types. OPIEAccess Authentication Module The authentication component (pam_sm_authenticate()), returns PAM_SUCCESS in two cases: 1. The user does not have OPIE enabled. 2. The user has OPIE enabled, and the remote host is listed as a trusted host in /etc/opieaccess, and the user does not have a file named .opiealways in his home directory. Otherwise, it returns PAM_AUTH_ERR. The following options may be passed to the authentication module: allow_local Normally, local logins are subjected to the same restrictions as remote logins from ``localhost''. This option causes pam_opieaccess to always allow local logins. debug syslog(3) debugging information at LOG_DEBUG level. no_warn suppress warning messages to the user. These messages include reasons why the user's authentication attempt was declined.
FILES
/etc/opieaccess List of trusted hosts or networks. See opieaccess(5) for a description of its syntax. $HOME/.opiealways The presence of this file makes OPIE mandatory for the user.
SEE ALSO
opie(4), opieaccess(5), pam.conf(5), pam(8), pam_opie(8)
AUTHORS
The pam_opieaccess module and this manual page were developed for the FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the DARPA CHATS research program.
BSD
October 26, 2007 BSD
Related Man Pages
pam_ldap(8) - centos
pam_alreadyloggedin(8) - debian
pam_ldap(8) - debian
pam_exec(8) - freebsd
pam_opieaccess(8) - freebsd
Similar Topics in the Unix Linux Community
Mac OS X: Based on UNIX - Solid As a Rock
FreeBSD Kernel Internals, Dr. Marshall Kirk McKusick
Reason for no directory creation date
Valid separator in time and date format
UNIX Environment Setup - (Just starting!)