NAME¶
pam_pkcs11 - PAM Authentication Module for PKCS#11 token libraries
SYNOPSIS¶
pam_pkcs11.so [
debug]
[
configfile=<configfile>]
DESCRIPTION¶
This Linux-PAM login module allows a X.509 certificate based user login. The
certificate and its dedicated private key are thereby accessed by means of an
appropriate PKCS #11 module. For the verification of the users' certificates,
locally stored CA certificates as well as either online or locally accessible
CRLs are used.
CONFIGURATION¶
The program that needs a PAM service should be configured in
/etc/pam.conf or
/etc/pam.d/<servicename>.
pam_pkcs11 can be used in the <auth> PAM chain.
For details on how to configure PAM services, see the PAM documentation for your
system. This manual does not cover PAM configuration details. The existing PAM
service definitions for other applications on your system is also a good
source for examples on how to configure a PAM service.
FILES¶
/etc/pam_pkcs11/pam_pkcs11.conf
/usr/lib/pam_pkcs11/*_mapper.so
AUTHOR¶
Original PAM-pkcs11 was written by Mario Strasser <mast@gmx.net>. Newer
versions are from Juan Antonio Martinez <jonsito@teleline.es>.
REPORTING BUGS¶
Report bugs ideas, comments, bug-fixes and so to:
Juan Antonio Martinez
<jonsito@teleline.es>
SEE ALSO¶
pam(8),
pam_pkcs11.conf(5), PAM Systems Administrator Guide,
README.mappers file, PAM-PKCS#11 User Manual.