MyWebUniversity.com Home Page
 



OpenSolaris man pages main menu 


Standards, Environments, and Macros              pamsmartcard(5)



NAME
     pamsmartcard - PAM authentication module for Smart Card

SYNOPSIS
     /usr/lib/security/pamsmartcard.so


DESCRIPTION
     The    Smart    Card     service     module     for     PAM,
     /usr/lib/security/pamsmartcard.so,  provides  functionality
     to obtain a user's information (such as user name and  pass-
     word)  for  a  smart  card. The pamsmartcard.so module is a
     shared object that can be dynamically loaded to provide  the
     necessary  functionality  upon demand. Its path is specified
     in the PAM configuration file pam.conf. See pam.conf(4).

  Smart Card Authentication Module
     The  Smart  Card  authentication  component   provides   the
     pamsmauthenticate(3PAM) function to verify the identity of
     a smart card user.


     The pamsmauthenticate() function collects  as  user  input
     the  PIN  number. It passes this data back to its underlying
     layer, OCF, to perform PIN verification. If verification  is
     successful,  the  module returns PAMSUCES, and passes the
     username and password from the smart  card  to  PAM  modules
     stacked below.pamsmartcard.


     The following options can be passed to the Smart  Card  ser-
     vice module:

     debug      syslog(3C)  debugging  information  at  LOGDEBUG
                level.


     nowarn     Turn off warning messages.


     verbose    Turn on verbose authentication failure  reporting
                to the user.


  Smart Card Module Configuration
     The PAM smart card module (pamsmartcard) can be  configured
     in the PAM configuration file (/etc/pam.conf).  For example,
     the following configuration on on the desktop (Common  Desk-
     top  Environment) forces a user to use a smart card for log-
     ging in.





SunOS 5.11          Last change: 24 Oct 2002                    1






Standards, Environments, and Macros              pamsmartcard(5)



     The following  are  typical  values  set  by  'smartcard  -c
     enable', if the command is applied to the default configura-
     tion.

       dtlogin         auth requisite          pamsmartcard.so.1
       dtlogin         auth required           pamauthtokget.so.1
       dtlogin         auth required           pamdhkeys.so.1

       dtsession       auth requisite          pamsmartcard.so.1
       dtsession       auth required           pamauthtokget.so.1
       dtsession       auth required           pamdhkeys.so.1


SEE ALSO
     smartcard(1M),           libpam(3LIB),            pam(3PAM),
     pamauthenticate(3PAM),     pamstart(3PAM),    pam.conf(4),
     pamauthtokcheck(5),                    pamauthtokget(5),
     pamauthtokstore(5),   pamdhkeys(5),   pampasswdauth(5),
     pamunixaccount(5), pamunixauth(5), pamunixsession(5)

NOTES
     The pamunix(5) module is no longer supported. Similar func-
     tionality     is     provided    by    pamauthtokcheck(5),
     pamauthtokget(5),   pamauthtokstore(5),   pamdhkeys(5),
     pampasswdauth(5),  pamunixaccount(5),  pamunixauth(5),
     and pamunixsession(5).





























SunOS 5.11          Last change: 24 Oct 2002                    2
OpenSolaris man pages main menu
Contact us      |       About us      |       Term of use      |       Copyright © 2000-2010 MyWebUniversity.com ™