GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  PAM_OCRA (8)

NAME

pam_ocra - RFC6287 OCRA: OATH Challenge-Response Algorithm PAM module

CONTENTS

Synopsis
Description
     OCRA Authentication Module
Files
See Also
Standards
Authors

SYNOPSIS

[service-name] module-type control-flag pam_ocra [options]

DESCRIPTION

The OCRA service module for PAM, pam_ocra provides functionality for only one PAM category: authentication. In terms of the module-type parameter, this is the "auth" feature. It also provides null functions for the remaining module types.

    OCRA Authentication Module

The OCRA authentication component (pam_sm_authenticate) obtains OCRA credentials from the the per-user file ~/.ocra. If this fails and the dir parameter is set, directory/USERNAME will be used. It then provides the user with an OCRA challenge and verifies the response.

The following options may be passed to the authentication module:
dir = directory
  directory to search for OCRA credentials.
fake_prompt = suite_string
  Use suite_string to generate fake challenges for users who do not have OCRA credentials. Note that if this option is not set, no fake challenges will be generated which can leak information to a hypothetical attacker about who uses OCRA and who does not.

FILES

~/.ocra
 
OCRA credential file

SEE ALSO

pam.conf(5), pam(8), ocra_tool(8)

STANDARDS

RFC6287 OCRA: OATH Challenge-Response Algorithm

AUTHORS

The pam_ocra module and this manual page were developed by Stefan Grundmann
Search for    or go to Top of page |  Section 8 |  Main Index


Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.