GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  PAM_OPIEACCESS (8)

NAME

pam_opieaccess - OPIEAccess PAM module

CONTENTS

Synopsis
Description
     OPIEAccess Authentication Module
Files
See Also
Authors

SYNOPSIS

[service-name] module-type control-flag pam_opieaccess [options]

DESCRIPTION

The pam_opieaccess module is used in conjunction with the pam_opie(8) PAM module to ascertain that authentication can proceed by other means (such as the pam_unix(8) module) even if OPIE authentication failed. To properly use this module, pam_opie(8) should be marked "sufficient", and pam_opieaccess should be listed right below it and marked "requisite".

The pam_opieaccess module provides functionality for only one PAM category: authentication. In terms of the module-type parameter, this is the "auth" feature. It also provides null functions for the remaining module types.

    OPIEAccess Authentication Module

The authentication component (pam_sm_authenticate), returns PAM_SUCCESS in two cases:
  1. The user does not have OPIE enabled.
  2. The user has OPIE enabled, and the remote host is listed as a trusted host in /etc/opieaccess, and the user does not have a file named .opiealways in his home directory.

Otherwise, it returns PAM_AUTH_ERR.

The following options may be passed to the authentication module:
allow_local
  Normally, local logins are subjected to the same restrictions as remote logins from "localhost". This option causes pam_opieaccess to always allow local logins.
debug syslog(3) debugging information at LOG_DEBUG level.
no_warn suppress warning messages to the user. These messages include reasons why the user’s authentication attempt was declined.

FILES

/etc/opieaccess List of trusted hosts or networks. See opieaccess(5) for a description of its syntax.
$HOME/.opiealways
  The presence of this file makes OPIE mandatory for the user.

SEE ALSO

opie(4), opieaccess(5), pam.conf(5), pam(8), pam_opie(8)

AUTHORS

The pam_opieaccess module and this manual page were developed for the
.Fx Project by ThinkSec AS and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research program.
Search for    or go to Top of page |  Section 8 |  Main Index


Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.