pam_dotfile 0.7 review

Download
by rbytes.net on

pam_dotfileis a PAM module which allows users to have more than one password for a single account, each for a different service. T

License: GPL (GNU General Public License)
File size: 223K
Developer: Lennart Poettering
0 stars award from rbytes.net

pam_dotfileis a PAM module which allows users to have more than one password for a single account, each for a different service.

This is desirable because many users have objections to using the same password for (as an example) an IMAP4 mailbox and SSH access.

The IMAP4 password should be distinct from the SSH password because the user wants to save the former in the configuration of his mail agent, but not the latter. The same applies to POP3 mailboxes, FTP and comparable services.

PAM parameters

debug - Be very verbose to syslog(3)
use_first_pass - Don't issue a password prompt, use one supplied by a previous modules
try_first_pass - Nearly the same as use_first_pass, but don't fail if no password was supplied, instead query the user
use_authtok - Synonym for use_first_pass
rootok - Don't deny access for users with uid == 0
nullok - Don't deny access for null passwords
fork - Always fork before trying to open the password files via the helper tool
nofork - Never fork
no_warn - Suppress warnings to syslog(3)
stat_only_home - verifies group/world readability only inside the home directory. e.g. if the configuration file is /home/waldo/.pam/service only /home/waldo/.pam and /home/waldo are tested. This is sometimes necessary if the home directories are symbolic links.
nocompat05 - Disable compatibility with pam_dotfile

pam_dotfile 0.7 keywords