Package pam_pkcs11: Information
Source package: pam_pkcs11
Version: 0.6.9-alt2.M80P.1
Build time: Nov 30, 2016, 11:31 AM in the task #173707
Category: System/Base
Report package bugHome page: https://github.com/OpenSC/pam_pkcs11
License: LGPL
Summary: PKCS #11 PAM Module and Login Tools
Description:
This Linux-PAM login module allows a X.509 certificate based user login. The certificate and its dedicated private key are thereby accessed by means of an appropriate PKCS #11 module. For the verification of the users' certificates, locally stored CA certificates as well as either online or locally accessible CRLs are used. Adittional included pam_pkcs11 related tools: - pkcs11_eventmgr: Generate actions on card insert/removal/timeout events - pklogin_finder: Get the loginname that maps to a certificate - pkcs11_inspect: Inspect the contents of a certificate
List of rpms provided by this srpm:
pam_pkcs11 (x86_64, i586)
pam_pkcs11-debuginfo (x86_64, i586)
pam_pkcs11-ldap (x86_64, i586)
pam_pkcs11-ldap-debuginfo (x86_64, i586)
pam_pkcs11-pcsc (x86_64, i586)
pam_pkcs11-pcsc-debuginfo (x86_64, i586)
pam_pkcs11 (x86_64, i586)
pam_pkcs11-debuginfo (x86_64, i586)
pam_pkcs11-ldap (x86_64, i586)
pam_pkcs11-ldap-debuginfo (x86_64, i586)
pam_pkcs11-pcsc (x86_64, i586)
pam_pkcs11-pcsc-debuginfo (x86_64, i586)
Maintainer: Ivan Zakharyaschev
List of contributors:
Ivan Zakharyaschev
Andrey Cherepanov
Eugeny A. Rostovtsev
Vitaly Kuznetsov
Igor Vlasenko
Sir Raorn
Ivan Zakharyaschev
Andrey Cherepanov
Eugeny A. Rostovtsev
Vitaly Kuznetsov
Igor Vlasenko
Sir Raorn
Last changed
Nov. 29, 2016 Ivan Zakharyaschev 0.6.9-alt2.M80P.1
- Build for p8.
Nov. 21, 2016 Ivan Zakharyaschev 0.6.9-alt3
- ask_pin (by default: true) option added (thx cas@); the corresponding PAM options are: ask_pin, dont_ask_pin.
Nov. 20, 2016 Ivan Zakharyaschev 0.6.9-alt2
- Restored ALT-specific features (from p7's 0.6.4-alt2, originally by raorn@): 1. The example configs are placed in /usr/share/pam_pkcs11/. 2. The use of OpenSSL's c_hash instead of pkcs11_make_hash_links is advised in the documentation; more options in example configs. 3. global_ca configuration option for the system-wide cert storage. 4. Russian translations updated (and shortened "smart card" into "token" in some places). 5. Larger buffers (to hold localized strings) and safer operations with them (no unjustified sprintf). 6. Check if there are any valid certificates before asking for PIN.