FreeBSD Manual Pages
PAM_OPIEACCESS(8) FreeBSD System Manager's Manual PAM_OPIEACCESS(8) NAME pam_opieaccess -- OPIEAccess PAM module SYNOPSIS [service-name] module-type control-flag pam_opieaccess [options] DESCRIPTION The pam_opieaccess module is used in conjunction with the pam_opie(8) PAM module to ascertain that authentication can proceed by other means (such as the pam_unix(8) module) even if OPIE authentication failed. To prop- erly use this module, pam_opie(8) should be marked ``sufficient'', and pam_opieaccess should be listed right below it and marked ``requisite''. The pam_opieaccess module provides functionality for only one PAM cate- gory: authentication. In terms of the module-type parameter, this is the ``auth'' feature. It also provides null functions for the remaining mod- ule types. OPIEAccess Authentication Module The authentication component (pam_sm_authenticate()), returns PAM_SUCCESS in two cases: 1. The user does not have OPIE enabled. 2. The user has OPIE enabled, and the remote host is listed as a trusted host in /etc/opieaccess, and the user does not have a file named opiealways in his home directory. Otherwise, it returns PAM_AUTH_ERR. The following options may be passed to the authentication module: debug syslog(3) debugging information at LOG_DEBUG level. no_warn suppress warning messages to the user. These messages include reasons why the user's authentication attempt was declined. SEE ALSO opie(4), opieaccess(5), pam.conf(5), pam(8), pam_opie(8) AUTHORS The pam_opieaccess module and this manual page were developed for the FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Divi- sion of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the DARPA CHATS research pro- gram. FreeBSD 11.1 January 21, 2002 FreeBSD 11.1
NAME | SYNOPSIS | DESCRIPTION | SEE ALSO | AUTHORS
Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=pam_opieaccess&sektion=8&manpath=FreeBSD+5.0-RELEASE>