| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556 |
- pam_timestamp — Authenticate using cached successful authentication attempts
- ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
- DESCRIPTION
- In a nutshell, pam_timestamp caches successful authentication attempts, and
- allows you to use a recent successful attempt as the basis for authentication.
- This is similar mechanism which is used in sudo.
- When an application opens a session using pam_timestamp, a timestamp file is
- created in the timestampdir directory for the user. When an application
- attempts to authenticate the user, a pam_timestamp will treat a sufficiently
- recent timestamp file as grounds for succeeding.
- The default encryption hash is taken from the HMAC_CRYPTO_ALGO variable from /
- etc/login.defs.
- OPTIONS
- timestampdir=directory
- Specify an alternate directory where pam_timestamp creates timestamp files.
- timestamp_timeout=number
- How long should pam_timestamp treat timestamp as valid after their last
- modification date (in seconds). Default is 300 seconds.
- verbose
- Attempt to inform the user when access is granted.
- debug
- Turns on debugging messages sent to syslog(3).
- NOTES
- Users can get confused when they are not always asked for passwords when
- running a given program. Some users reflexively begin typing information before
- noticing that it is not being asked for.
- EXAMPLES
- auth sufficient pam_timestamp.so verbose
- auth required pam_unix.so
- session required pam_unix.so
- session optional pam_timestamp.so
- AUTHOR
- pam_timestamp was written by Nalin Dahyabhai.
|
