ALT repositories
Last updated at Sat, 06 Jun 2020 00:47:39 +0000 | SRPMs: 16795
en ru
SRPMs in branches
hide window
  • 0.6.9-alt2.M80P.1
  • 0.6.10-alt3.M80P.1
  • 0.6.9-alt3.M70C.1
  • 0.6.9-alt2.M70T.1
  • 0.6.4-alt1.1
  • 0.6.4-alt1.M60P.1
  • 0.6.4-alt1.M60T.1
Group :: Система/Основа
Source RPM: pam_pkcs11
Current version: 0.6.9-alt2.M80P.1
Built: about 5 years ago
Size: 220 KB
Repocop status: skip
Home page:

License: LGPL
Summary: PKCS #11 PAM Module and Login Tools

This Linux-PAM login module allows a X.509 certificate based user login.
The certificate and its dedicated private key are thereby accessed by
means of an appropriate PKCS #11 module. For the verification of the
users' certificates, locally stored CA certificates as well as either
online or locally accessible CRLs are used.

Adittional included pam_pkcs11 related tools:

- pkcs11_eventmgr: Generate actions on card insert/removal/timeout
- pklogin_finder: Get the loginname that maps to a certificate
- pkcs11_inspect: Inspect the contents of a certificate

List of contributors:

List of rpms provided by this srpm:
  • pam_pkcs11
  • pam_pkcs11-debuginfo
  • pam_pkcs11-ldap
  • pam_pkcs11-ldap-debuginfo
  • pam_pkcs11-pcsc
  • pam_pkcs11-pcsc-debuginfo
Recent changes (last three changelog entries):

2016-11-29 Ivan Zakharyaschev 0.6.9-alt2.M80P.1

    - Build for p8.

2016-11-21 Ivan Zakharyaschev 0.6.9-alt3

    - ask_pin (by default: true) option added (thx cas@);
      the corresponding PAM options are: ask_pin, dont_ask_pin.

2016-11-20 Ivan Zakharyaschev 0.6.9-alt2

    - Restored ALT-specific features (from p7's 0.6.4-alt2, originally by raorn@):
      1. The example configs are placed in /usr/share/pam_pkcs11/.
      2. The use of OpenSSL's c_hash instead of pkcs11_make_hash_links
         is advised in the documentation; more options in example configs.
      3. global_ca configuration option for the system-wide cert storage.
      4. Russian translations updated
         (and shortened "smart card" into "token" in some places).
      5. Larger buffers (to hold localized strings) and safer operations
         with them (no unjustified sprintf).
      6. Check if there are any valid certificates before asking for PIN.
The Geyser project is based on code from Prometheus2.0, which had been made available under the MIT License.