pam_pkcs11
Section: System Administration tools (8)
Updated: 15-Feb-2005
Index
Return to Main Contents
NAME
pam_pkcs11 - PAM Authentication Module for PKCS#11 token libraries
SYNOPSIS
pam_pkcs11.so
[debug]
[configfile=<configfile>]
DESCRIPTION
This Linux-PAM login module allows a X.509 certificate based user
login. The certificate and its dedicated private key are thereby
accessed by means of an appropriate PKCS #11 module. For the
verification of the users' certificates, locally stored CA
certificates as well as either online or locally accessible CRLs are
used.
CONFIGURATION
The program that needs a PAM service should be configured in
/etc/pam.conf
or
/etc/pam.d/<servicename>.
pam_pkcs11
can be used in the <auth> PAM chain.
For details on how to configure PAM services, see the PAM
documentation for your system. This manual does not cover PAM
configuration details. The existing PAM service definitions for
other applications on your system is also a good source for examples
on how to configure a PAM service.
FILES
/etc/pam_pkcs11/pam_pkcs11.conf
/usr/lib/pam_pkcs11/*_mapper.so
AUTHOR
Original PAM-pkcs11 was written by Mario Strasser <mast@gmx.net>.
Newer versions are from Juan Antonio Martinez
<jonsito@teleline.es>.
REPORTING BUGS
Report bugs ideas, comments, bug-fixes and so to:
Juan Antonio Martinez <jonsito@teleline.es>
SEE ALSO
pam(8),
pam_pkcs11.conf(5),
PAM Systems Administrator Guide,
README.mappers
file, PAM-PKCS#11 User Manual.